Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    00049503dc8efbe2cd220fa3dc4db5fc_JaffaCakes118

  • Size

    513KB

  • Sample

    240619-xdds7swfng

  • MD5

    00049503dc8efbe2cd220fa3dc4db5fc

  • SHA1

    3ed5cc48fd803393601b709a2d091010e8b64246

  • SHA256

    538a5c5a291c724c1c9a827fb411203654634feb53839333648be6667475256e

  • SHA512

    2057f8ff553f01d5e1446c1352da852d6c6f5b3187332fc9bc6adfa16e2f7a0c8ec039c8a9f4b05427326830927a2e31acf94b02d1a55944fe0911d0887c0bf3

  • SSDEEP

    384:ZidD9d6GArG4Miz8nJBor2j5LtMaJNFDjbfpyXuEFLhRrzEFJRfMA:QDTWnyj5BnNpbfpUdXnEFJRfn

Malware Config

Targets

    • Target

      00049503dc8efbe2cd220fa3dc4db5fc_JaffaCakes118

    • Size

      513KB

    • MD5

      00049503dc8efbe2cd220fa3dc4db5fc

    • SHA1

      3ed5cc48fd803393601b709a2d091010e8b64246

    • SHA256

      538a5c5a291c724c1c9a827fb411203654634feb53839333648be6667475256e

    • SHA512

      2057f8ff553f01d5e1446c1352da852d6c6f5b3187332fc9bc6adfa16e2f7a0c8ec039c8a9f4b05427326830927a2e31acf94b02d1a55944fe0911d0887c0bf3

    • SSDEEP

      384:ZidD9d6GArG4Miz8nJBor2j5LtMaJNFDjbfpyXuEFLhRrzEFJRfMA:QDTWnyj5BnNpbfpUdXnEFJRfn

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks