General
Target: 06faac3605f8a1fb2d06a5d320422213_JaffaCakes118
Size: 3.1MB
Sample: 240429-gry4asce9s
MD5: 06faac3605f8a1fb2d06a5d320422213
SHA1: 414301f64972426195164e32fad4d239f9ebefba
SHA256: 79a976cff73a10a848ef2f53c10aaa9ce73d6a908562953506458b157bc16d11
SHA512: 542d08b6214828eb5b8d04c250feaca099f8122b9291e299d2c536c3a58714495336acb4a527dde6d29badfdc3e192b60fe1dbfcc52948e76e8a6b8c385cd0bb
SSDEEP: 49152:+UJ6ZNXox4SgJhBsfHJq/nCFT4Mv0Pt97R:+tR4xGnCtvwV
Static task: static1
Behavioral task: behavioral1
Sample: 06faac3605f8a1fb2d06a5d320422213_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 06faac3605f8a1fb2d06a5d320422213_JaffaCakes118.exe
Resource: win10v2004-20240419-en
Malware Config
Targets
Target: 06faac3605f8a1fb2d06a5d320422213_JaffaCakes118
Score: 10/10
Modifies WinLogon for persistence
Modifies visibility of hidden/system files in Explorer
Executes dropped EXE
Loads dropped DLL
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
  Boot or Logon Autostart Execution: 1
    Winlogon Helper DLL: 1