Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
002d47e84fed7682ca2f98a694d272b9_JaffaCakes118
-
Size
21KB
-
Sample
240619-ycsfmsycra
-
MD5
002d47e84fed7682ca2f98a694d272b9
-
SHA1
331f584b4830241ad8fbc1a79cb6e0826fa366fd
-
SHA256
843e7e88ba5b101021e3054aa801058966520b19f7c3769dcc50f691d5606b37
-
SHA512
e85d7efbf1211b311c9cbcfa66ecc0fcedff361651e11a7fa3a126afb3335df598879225b18df01cf539b22ba6fc87189c1003247763e8fb1c2705c4b1f8b82e
-
SSDEEP
384:vyVlNjtU2eZ8ABDZ6Uw2+k436mMBtejEugzEmCqQS:qVlvqZY1k4BqteE7EmC0
Static task
static1
Behavioral task
behavioral1
Sample
002d47e84fed7682ca2f98a694d272b9_JaffaCakes118.dll
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
002d47e84fed7682ca2f98a694d272b9_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
002d47e84fed7682ca2f98a694d272b9_JaffaCakes118
-
Size
21KB
-
MD5
002d47e84fed7682ca2f98a694d272b9
-
SHA1
331f584b4830241ad8fbc1a79cb6e0826fa366fd
-
SHA256
843e7e88ba5b101021e3054aa801058966520b19f7c3769dcc50f691d5606b37
-
SHA512
e85d7efbf1211b311c9cbcfa66ecc0fcedff361651e11a7fa3a126afb3335df598879225b18df01cf539b22ba6fc87189c1003247763e8fb1c2705c4b1f8b82e
-
SSDEEP
384:vyVlNjtU2eZ8ABDZ6Uw2+k436mMBtejEugzEmCqQS:qVlvqZY1k4BqteE7EmC0
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1