General

  • Target

    001e364bb090bc4238022479a5bfa519_JaffaCakes118

  • Size

    22KB

  • Sample

    240619-xzp4csxglb

  • MD5

    001e364bb090bc4238022479a5bfa519

  • SHA1

    a11f85c2026bbe1e63baae5f9edb734fc4258683

  • SHA256

    0db452c2c716d9ecb6fc53b830ddca3539999acbf9efde478f448b3dcaf49c37

  • SHA512

    76cc73220f6e86b576435dbeeca0d47e9d7ceaac32a0394ac6c2033c7cb62187d6898a09a7f577baa75967f29cd34608b755a66eb06f3abe21bedc2537fda0b8

  • SSDEEP

    384:rPyZNjtU2mSEImLxJgRDYnErQ95dzE3YIj1G1yE/erozfL7P5z29l2uiHeV:zyZexkYwQFzEB1G1qro7L7Pd29lfx

Targets

    • Target

      001e364bb090bc4238022479a5bfa519_JaffaCakes118

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory
