General

  • Target

    00cc52a50d122a909f2dc3455377a28b_JaffaCakes118

  • Size

    23KB

  • Sample

    240619-124lbaycjn

  • MD5

    00cc52a50d122a909f2dc3455377a28b

  • SHA1

    2502aca7690833bd68f62f75e93e3f3e1eae7b11

  • SHA256

    262445ee9c6dd58b1917650241de8472541ab646e73e7ed72637b83878dadd62

  • SHA512

    2ce901e59cf414bf9860c6de5241da5ee6b4c9ec18082902bcfbcdd0774133f02a86f6abcd7a6d82baf4d7a3ebdbf0a25baa82ad3ec866313e97c203d7f02a74

  • SSDEEP

    384:JPyZNjtU2mzQBzS3iAe+eijfpo2ujjXy0E01dn4zEi7R3ii:ByZ66/URozjCu1dnYEi7R3n

Malware Config

Targets

    • Target

      00cc52a50d122a909f2dc3455377a28b_JaffaCakes118

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks