General

  • Target

    0038ce2ef3e022906f4984afca67dc7f_JaffaCakes118

  • Size

    21KB

  • Sample

    240619-ylyzsayfqh

  • MD5

    0038ce2ef3e022906f4984afca67dc7f

  • SHA1

    2d186fcbee21fdd89f5f0cf023aef7ea3e2e2274

  • SHA256

    8b75f83b1606867589254723d86b0d49368c42d2b446b75c9e81e07c6a3b75a7

  • SHA512

    cbfe0078b44fdd6d7ff509e6b5a4f544ca16441908668f13e2711ce27ef692c28ab4b7649a496a6de77396557efe9559d8905e89f3deb408c16f3598355bf18c

  • SSDEEP

    384:byVlNjtU2eRlAbAV86myl9vyrTj7+erY0jeV/YzE7hJH6bN:mVlSdBsnbY0u/4E7hYbN

Malware Config

Targets

    • Target

      0038ce2ef3e022906f4984afca67dc7f_JaffaCakes118

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory
