General

  • Target

    002d47e84fed7682ca2f98a694d272b9_JaffaCakes118

  • Size

    21KB

  • Sample

    240619-ycsfmsycra

  • MD5

    002d47e84fed7682ca2f98a694d272b9

  • SHA1

    331f584b4830241ad8fbc1a79cb6e0826fa366fd

  • SHA256

    843e7e88ba5b101021e3054aa801058966520b19f7c3769dcc50f691d5606b37

  • SHA512

    e85d7efbf1211b311c9cbcfa66ecc0fcedff361651e11a7fa3a126afb3335df598879225b18df01cf539b22ba6fc87189c1003247763e8fb1c2705c4b1f8b82e

  • SSDEEP

    384:vyVlNjtU2eZ8ABDZ6Uw2+k436mMBtejEugzEmCqQS:qVlvqZY1k4BqteE7EmC0

Malware Config

Targets

    • Target

      002d47e84fed7682ca2f98a694d272b9_JaffaCakes118

    • Size

      21KB

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory
