General

  • Target

    561de96265f50a07da38a45bf5cb6a75_JaffaCakes118

  • Size

    151KB

  • Sample

    241018-h2z9satfqf

  • MD5

    561de96265f50a07da38a45bf5cb6a75

  • SHA1

    953becd20c151f9a47b9a699bf69858b732c327e

  • SHA256

    6c2d2ead3d7604d3964bdfc82ec7a039a30bd0c859be9847c6507c9592ab471f

  • SHA512

    b6713cf7e5d0f9277b67fec9271b8a9cc1456272f6bef058783ea41d7fa6f86bd688cfd32a3933ed77abc71d3d03f90a6742a1536e06bf04e80de1c46541263e

  • SSDEEP

    3072:nK62PXJLEGlSJH/BAA92VkMSNx3mUge+dhojTs:nKX/JLEGkJH/uNkMege+w3s

Targets

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
