General
Target: e2d4863f047f60bb0fe315cfb2dc05c9_JaffaCakes118
Size: 156KB
Sample: 240406-sp2l7ada81
MD5: e2d4863f047f60bb0fe315cfb2dc05c9
SHA1: 7a78af14af4422eeb30258533679e515a5c14ad9
SHA256: dc87ac814d6e86da2bfccc9f2fa7b66f7572dc8abcf98cd5d1f63ff3431f5cac
SHA512: d3423d188a878f8a290e172ea099f9759e5811107f8df93cc6098a64a6aaa7a9148d15fdb55fa8406591b55eba3fce08db31bdf9ae2b9378984d6c6e10d4e761
SSDEEP: 3072:sc4OgyDPNSRoOrzvc9YIKGeA8KmdA+/42tiE5hH927k5gdaHxGg:sTOgyjNSKOMNKRAmdAG4X/aHxt
Static task: static1
Behavioral task: behavioral1
Sample: e2d4863f047f60bb0fe315cfb2dc05c9_JaffaCakes118.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: e2d4863f047f60bb0fe315cfb2dc05c9_JaffaCakes118.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: e2d4863f047f60bb0fe315cfb2dc05c9_JaffaCakes118
Score: 8/10
Modifies Windows Firewall
Drops startup file
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1