Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

79b891f808...18.exe

windows7-x64

10

79b891f808...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    79b891f80896a36e29cb4ed8599cacf6_JaffaCakes118

  • Size

    312KB

  • Sample

    240527-ttxz8sbb46

  • MD5

    79b891f80896a36e29cb4ed8599cacf6

  • SHA1

    2b238ea58a1c54ab4d8531a9b1e6c3c56e554f7b

  • SHA256

    1a2079f29f4de929d34127d64e682db7ea6bfdb7b55831dd4be511a024d6e237

  • SHA512

    baf68e46948abb51e59fc1867e20398b9617729a60b02883301898c5344130f107676471bf03d1e63cf0050e03d8401ae632f4500d87a15588501245692c0236

  • SSDEEP

    6144:Qdr14UChnrsy/Ay4aUi8YRBfkvtmFW/OZM9+1+gWQbHyuG9peWx5Xyy7XcW3bROJ:OyUChnrsy/Ay4aUi8YRVkvtmFW/OZM9m

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      79b891f80896a36e29cb4ed8599cacf6_JaffaCakes118

    • Size

      312KB

    • MD5

      79b891f80896a36e29cb4ed8599cacf6

    • SHA1

      2b238ea58a1c54ab4d8531a9b1e6c3c56e554f7b

    • SHA256

      1a2079f29f4de929d34127d64e682db7ea6bfdb7b55831dd4be511a024d6e237

    • SHA512

      baf68e46948abb51e59fc1867e20398b9617729a60b02883301898c5344130f107676471bf03d1e63cf0050e03d8401ae632f4500d87a15588501245692c0236

    • SSDEEP

      6144:Qdr14UChnrsy/Ay4aUi8YRBfkvtmFW/OZM9+1+gWQbHyuG9peWx5Xyy7XcW3bROJ:OyUChnrsy/Ay4aUi8YRVkvtmFW/OZM9m

    Score
    10/10
    evasionpersistence

    • Modifies WinLogon for persistence

      persistence

    • Disables RegEdit via registry modification

      evasion

    • Disables Task Manager via registry modification

      evasion

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks