Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2a86f92de01e3f08e0af59aabc9a13bf_JaffaCakes118
-
Size
603KB
-
Sample
240509-sethtsah26
-
MD5
2a86f92de01e3f08e0af59aabc9a13bf
-
SHA1
c621434e087c27091890349ff1cc91909962da02
-
SHA256
d56069151528d45e4a56df5fd28ef9c6f9a67493415ecebfafaa76bc8fa03b72
-
SHA512
334c66628c3219fcc56a2a41a5941c64eac11fb87537b12bd535e3b1f4d60460195ab676edd17e51697042f608687f0496ada8fa1ac12cfec23e989c69fd164d
-
SSDEEP
12288:UZWtI6RkTBoaKeZJys73dOvXDpNjNe8hs/orOuD6:UuhaTBvKeZJ8NI8hO4Zu
Static task
static1
Behavioral task
behavioral1
Sample
2a86f92de01e3f08e0af59aabc9a13bf_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2a86f92de01e3f08e0af59aabc9a13bf_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
2a86f92de01e3f08e0af59aabc9a13bf_JaffaCakes118
-
Size
603KB
-
MD5
2a86f92de01e3f08e0af59aabc9a13bf
-
SHA1
c621434e087c27091890349ff1cc91909962da02
-
SHA256
d56069151528d45e4a56df5fd28ef9c6f9a67493415ecebfafaa76bc8fa03b72
-
SHA512
334c66628c3219fcc56a2a41a5941c64eac11fb87537b12bd535e3b1f4d60460195ab676edd17e51697042f608687f0496ada8fa1ac12cfec23e989c69fd164d
-
SSDEEP
12288:UZWtI6RkTBoaKeZJys73dOvXDpNjNe8hs/orOuD6:UuhaTBvKeZJ8NI8hO4Zu
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1