General
Target: 00cc52a50d122a909f2dc3455377a28b_JaffaCakes118
Size: 23KB
Sample: 240619-124lbaycjn
MD5: 00cc52a50d122a909f2dc3455377a28b
SHA1: 2502aca7690833bd68f62f75e93e3f3e1eae7b11
SHA256: 262445ee9c6dd58b1917650241de8472541ab646e73e7ed72637b83878dadd62
SHA512: 2ce901e59cf414bf9860c6de5241da5ee6b4c9ec18082902bcfbcdd0774133f02a86f6abcd7a6d82baf4d7a3ebdbf0a25baa82ad3ec866313e97c203d7f02a74
SSDEEP: 384:JPyZNjtU2mzQBzS3iAe+eijfpo2ujjXy0E01dn4zEi7R3ii:ByZ66/URozjCu1dnYEi7R3n
Static task: static1
Behavioral task: behavioral1
  Sample: 00cc52a50d122a909f2dc3455377a28b_JaffaCakes118.dll
  Resource: win7-20240419-en
Behavioral task: behavioral2
  Sample: 00cc52a50d122a909f2dc3455377a28b_JaffaCakes118.dll
  Resource: win10v2004-20240611-en
Malware Config
Targets
Target: 00cc52a50d122a909f2dc3455377a28b_JaffaCakes118
Score: 10/10
Modifies firewall policy service
Event Triggered Execution: AppInit DLLs. Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    AppInit DLLs (1)
Privilege Escalation
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    AppInit DLLs (1)