Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
0038ce2ef3e022906f4984afca67dc7f_JaffaCakes118
-
Size
21KB
-
Sample
240619-ylyzsayfqh
-
MD5
0038ce2ef3e022906f4984afca67dc7f
-
SHA1
2d186fcbee21fdd89f5f0cf023aef7ea3e2e2274
-
SHA256
8b75f83b1606867589254723d86b0d49368c42d2b446b75c9e81e07c6a3b75a7
-
SHA512
cbfe0078b44fdd6d7ff509e6b5a4f544ca16441908668f13e2711ce27ef692c28ab4b7649a496a6de77396557efe9559d8905e89f3deb408c16f3598355bf18c
-
SSDEEP
384:byVlNjtU2eRlAbAV86myl9vyrTj7+erY0jeV/YzE7hJH6bN:mVlSdBsnbY0u/4E7hYbN
Static task
static1
Behavioral task
behavioral1
Sample
0038ce2ef3e022906f4984afca67dc7f_JaffaCakes118.dll
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
0038ce2ef3e022906f4984afca67dc7f_JaffaCakes118.dll
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
0038ce2ef3e022906f4984afca67dc7f_JaffaCakes118
-
Size
21KB
-
MD5
0038ce2ef3e022906f4984afca67dc7f
-
SHA1
2d186fcbee21fdd89f5f0cf023aef7ea3e2e2274
-
SHA256
8b75f83b1606867589254723d86b0d49368c42d2b446b75c9e81e07c6a3b75a7
-
SHA512
cbfe0078b44fdd6d7ff509e6b5a4f544ca16441908668f13e2711ce27ef692c28ab4b7649a496a6de77396557efe9559d8905e89f3deb408c16f3598355bf18c
-
SSDEEP
384:byVlNjtU2eRlAbAV86myl9vyrTj7+erY0jeV/YzE7hJH6bN:mVlSdBsnbY0u/4E7hYbN
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1