General
Target: 000e1d3cef19885fa01648c4e46c9f1d_JaffaCakes118
Size: 517KB
Sample: 240619-xlfyja1gmk
MD5: 000e1d3cef19885fa01648c4e46c9f1d
SHA1: 16258153d534e4ebd0cec868eda90ee211f3a667
SHA256: b8b78e2680750c57fd1756c7970c3d8beb7b8ca7abff2a2bb8c67c948e6c1831
SHA512: 84c3d8a06819752e50e181ee96f5d0b2a8ee8acd4d372bb9f6625c19b1fbd905ca00096458042abf63f2c2756bf9fc9611ee7e98c9ecaf122e7bac0d999afd93
SSDEEP: 384:5dD9d6G42wTDnyyzJo69+YaYho0z8TVuzFLkmPC4jttsEVN4zXtx98SFfO0:5HkWyYYPolVuJ9CYttGXtf8Mt
Static task: static1
Behavioral task: behavioral1
  Sample: 000e1d3cef19885fa01648c4e46c9f1d_JaffaCakes118.dll
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 000e1d3cef19885fa01648c4e46c9f1d_JaffaCakes118.dll
  Resource: win10v2004-20240611-en
Malware Config
Targets
Target: 000e1d3cef19885fa01648c4e46c9f1d_JaffaCakes118
Score: 10/10
- Modifies firewall policy service
- Event Triggered Execution: AppInit DLLs. Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
- Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
- Create or Modify System Process (1)
  - Windows Service (1)
- Event Triggered Execution (1)
  - AppInit DLLs (1)
Privilege Escalation
- Create or Modify System Process (1)
  - Windows Service (1)
- Event Triggered Execution (1)
  - AppInit DLLs (1)