General

  • Target

    f18064fbd77645586cc39047a7485238_JaffaCakes118

  • Size

    3.6MB

  • Sample

    240415-t4abxsdc5x

  • MD5

    f18064fbd77645586cc39047a7485238

  • SHA1

    b9ac9a905bb92a0137f7c39303fc715a675c09a9

  • SHA256

    257f2818157f8d0deb0bec5b86fa3d21b6b68ae456669bcfd68ac52e0dbc32ff

  • SHA512

    6dc479aba12e387992ba2680799baea36d1195c097e3c94237e973227a8464c1cfce22c9487e276fe5ec83e68ff48e4412f07014b15d4d9656cad2db7cd15a1e

  • SSDEEP

    49152:SEjtrqyB6CZCPya8Pbnyln44yWfqcvgQJmdCZM8eUlF6JJpNbH:SEprnICsPB8PbnGn9tqcvRtW8vGjbH

Score
8/10

Targets

    • Modifies Windows Firewall

    • Stops running service(s)

    • Uses Session Manager for persistence

      Creates Session Manager registry key to run executable early in system boot.

    • Adds Run key to start application

    • Drops file in System32 directory
