General
Target: 00049503dc8efbe2cd220fa3dc4db5fc_JaffaCakes118
Size: 513KB
Sample: 240619-xdds7swfng
MD5: 00049503dc8efbe2cd220fa3dc4db5fc
SHA1: 3ed5cc48fd803393601b709a2d091010e8b64246
SHA256: 538a5c5a291c724c1c9a827fb411203654634feb53839333648be6667475256e
SHA512: 2057f8ff553f01d5e1446c1352da852d6c6f5b3187332fc9bc6adfa16e2f7a0c8ec039c8a9f4b05427326830927a2e31acf94b02d1a55944fe0911d0887c0bf3
SSDEEP: 384:ZidD9d6GArG4Miz8nJBor2j5LtMaJNFDjbfpyXuEFLhRrzEFJRfMA:QDTWnyj5BnNpbfpUdXnEFJRfn
Static task: static1
Behavioral task: behavioral1
  Sample: 00049503dc8efbe2cd220fa3dc4db5fc_JaffaCakes118.dll
  Resource: win7-20240611-en
Behavioral task: behavioral2
  Sample: 00049503dc8efbe2cd220fa3dc4db5fc_JaffaCakes118.dll
  Resource: win10v2004-20240611-en
Malware Config
Targets
Target: 00049503dc8efbe2cd220fa3dc4db5fc_JaffaCakes118
Score: 10/10
Signatures:
- Modifies firewall policy service
- Event Triggered Execution: AppInit DLLs. Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
- Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
- Create or Modify System Process (1)
  - Windows Service (1)
- Event Triggered Execution (1)
  - AppInit DLLs (1)
Privilege Escalation
- Create or Modify System Process (1)
  - Windows Service (1)
- Event Triggered Execution (1)
  - AppInit DLLs (1)