General

  • Target

    459c0d38381e87ddcad66d46a491af7d_JaffaCakes118

  • Size

    672KB

  • Sample

    241015-dzvjasscph

  • MD5

    459c0d38381e87ddcad66d46a491af7d

  • SHA1

    5071764a9c3d0f250ee08ad9589ab08259f0a201

  • SHA256

    d86d936cb73d2352d56e632564acb04c0ad3016d3ea91c53849095f67c7de0c1

  • SHA512

    734da37d367323271acaa9238581ae0a1c2d72f1209405255bed450f5239778387127d622ada5173b1b554f33c9550ff328f76c1fee1aadcf87b2b7592e420ae

  • SSDEEP

    12288:IRAN1qs7xHBRNboF3M7QURb2mo5QTK5NZtFstfmR/OKi7XGm4ZXyBI:EMHRblfb2m1G57tWe/OKiqXyB

Targets

    • Target

      459c0d38381e87ddcad66d46a491af7d_JaffaCakes118

    • Checks for common network interception software

      Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.

    • Enumerates VirtualBox registry keys

    • Adds Run key to start application
