General

  • Target

    f71cd32104a490af24802ce9ab8cf8ef_JaffaCakes118

  • Size

    202KB

  • Sample

    240418-df8a2sad51

  • MD5

    f71cd32104a490af24802ce9ab8cf8ef

  • SHA1

    de02d72f7e8776488a7cf56bd382982eaed9de2f

  • SHA256

    8626018552d0429ed34fc847203b3ba12f459f446e679e318c653996a438da98

  • SHA512

    aa73cc4cb6074c6ff5ce1936ce3fc2f3fcffa8eb7bf43e42d55b3ad2d5f887d6be3ce5299c903d8de8f2a70ec5da43f508e7dfe9e00a809b356a759c0fe96218

  • SSDEEP

    6144:seoGs0nLprGHub4kIcFQPlK0LRvfjHFKrNZ:seuQB//WP75js

Score
10/10

Malware Config

Targets

    • Target

      f71cd32104a490af24802ce9ab8cf8ef_JaffaCakes118

    Score
    10/10
    • Modifies WinLogon for persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
