General

  • Target

    e92d48423426636c44cdaf8e16a22129_JaffaCakes118

  • Size

    18KB

  • Sample

    240409-el66lsea94

  • MD5

    e92d48423426636c44cdaf8e16a22129

  • SHA1

    001bb2a29e431bc21cbb0b8ec6e70edbbbb166b6

  • SHA256

    7f50065b78e13e0ab94df1973f672fbe72a497953a67b54675e69ea2be5cb0bc

  • SHA512

    03f85e32b45918009ba9934cb88f8473016d20311d52c1a9424f4f86390ace16739c677952fb2a9067adceef3e0873b6e21059c62e7670778d83b7d7704bb428

  • SSDEEP

    384:rfCv/LONr7/AVnEZD2CM5JjzqKj8BcpextpKqI2moQgywUftt:rW/LONr7oVnkaCM7dj8BcpUtGafHct

Targets

    • Target

      e92d48423426636c44cdaf8e16a22129_JaffaCakes118

    • Adds policy Run key to start application

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.
