Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
001e364bb090bc4238022479a5bfa519_JaffaCakes118
-
Size
22KB
-
Sample
240619-xzp4csxglb
-
MD5
001e364bb090bc4238022479a5bfa519
-
SHA1
a11f85c2026bbe1e63baae5f9edb734fc4258683
-
SHA256
0db452c2c716d9ecb6fc53b830ddca3539999acbf9efde478f448b3dcaf49c37
-
SHA512
76cc73220f6e86b576435dbeeca0d47e9d7ceaac32a0394ac6c2033c7cb62187d6898a09a7f577baa75967f29cd34608b755a66eb06f3abe21bedc2537fda0b8
-
SSDEEP
384:rPyZNjtU2mSEImLxJgRDYnErQ95dzE3YIj1G1yE/erozfL7P5z29l2uiHeV:zyZexkYwQFzEB1G1qro7L7Pd29lfx
Static task
static1
Behavioral task
behavioral1
Sample
001e364bb090bc4238022479a5bfa519_JaffaCakes118.dll
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
001e364bb090bc4238022479a5bfa519_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
001e364bb090bc4238022479a5bfa519_JaffaCakes118
-
Size
22KB
-
MD5
001e364bb090bc4238022479a5bfa519
-
SHA1
a11f85c2026bbe1e63baae5f9edb734fc4258683
-
SHA256
0db452c2c716d9ecb6fc53b830ddca3539999acbf9efde478f448b3dcaf49c37
-
SHA512
76cc73220f6e86b576435dbeeca0d47e9d7ceaac32a0394ac6c2033c7cb62187d6898a09a7f577baa75967f29cd34608b755a66eb06f3abe21bedc2537fda0b8
-
SSDEEP
384:rPyZNjtU2mSEImLxJgRDYnErQ95dzE3YIj1G1yE/erozfL7P5z29l2uiHeV:zyZexkYwQFzEB1G1qro7L7Pd29lfx
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1