General

  • Target: 5656d0479ebae0a00921838af36e3339_JaffaCakes118
  • Size: 168KB
  • Sample: 241018-j111csyfjj
  • MD5: 5656d0479ebae0a00921838af36e3339
  • SHA1: a4390d2ccca585684b3f2f88e423872e9d58faab
  • SHA256: 1e38d1591e7be09e9b957d600438351dc956a3aae1baba7f797c099cb1f89433
  • SHA512: 44cabddef6460042b63076fdd7ece32f276fc2e0bb909873a65520c2ced015ae4341ad7f7caeee13f7ee1c0d46e8532c04e79892d23ecba9c68f799b3bfa0017
  • SSDEEP: 3072:nnWXFyNV18vM3ksRqK/GVPE2euy4GR97vj:nDNf8EksgK8EXusX77

Targets

    • Target: 5656d0479ebae0a00921838af36e3339_JaffaCakes118

    • Modifies firewall policy service

    • Modifies Windows Firewall

    • Executes dropped EXE

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
