General

  • Target

    2c3e975d39b604ffae928c681871fc30_JaffaCakes118

  • Size

    1.9MB

  • Sample

    240509-3hbsasge82

  • MD5

    2c3e975d39b604ffae928c681871fc30

  • SHA1

    f54562a17ad64dc95ad8066e1fb00aab0c51d2d5

  • SHA256

    00f2fbdaef1ce0a4ec71de4c8d857fa8f4bba669d10414880971cf244f42d6e1

  • SHA512

    d5f03b72d6f2b6a7e91ef1b4927cc9eebdec2151a3fbc162b414abbabe6bf6918b088cfee66f9790fc01a61dbe3692c1981c77e6e571b1dbd10bf6f57498aea2

  • SSDEEP

    12288:RFfwcHcu8pMkZ3Fn9d+Vd3SUZ+7EeI1x7f7V3+hT6DaRWz58kc+1xy8SyGc4Y:RJcu8pl9d+VdCUhN1SsNK+1pSyp4Y

Score
10/10

Targets

    • Target

      2c3e975d39b604ffae928c681871fc30_JaffaCakes118

    • Modifies WinLogon for persistence

    • Adds policy Run key to start application

    • Modifies Installed Components in the registry

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies WinLogon

    • Drops file in System32 directory
