General

  • Target

    241de4ff99280e62491447841bb98b26_JaffaCakes118

  • Size

    1.9MB

  • Sample

    240508-kx29pafb59

  • MD5

    241de4ff99280e62491447841bb98b26

  • SHA1

    43c6b6f58eeebbf20788c3b369b0caa4f8cbeb91

  • SHA256

    82aca7cdcd48530ce0d3b03c78b43a90bde1fb814cfa9ba878361baec63fdbdb

  • SHA512

    27c77fee3da98856cbbf94b081d7f577674d39093dcec01d20f80b6db79a9f3cbf601cc9695b1568f2aa487a45933671acb3070d9da910b8651dcfea3ede53bd

  • SSDEEP

    12288:RFfwcHcu8pMkZ3Fn9d+Vd3SUZ+7EeI1x7f7V3+hT6DaRWz58kc+1xy8SyG24:RJcu8pl9d+VdCUhN1SsNK+1pSyD4

Score
10/10

Targets

    • Modifies WinLogon for persistence

    • Adds policy Run key to start application

    • Modifies Installed Components in the registry

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies WinLogon

    • Drops file in System32 directory
