Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

0088e298e2...18.dll

windows7-x64

10

0088e298e2...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0088e298e23cf2d7ef8e5b247efbb84b_JaffaCakes118

  • Size

    22KB

  • Sample

    240619-z4yx6ssamd

  • MD5

    0088e298e23cf2d7ef8e5b247efbb84b

  • SHA1

    bdd483d8471162868e25f9ade49e0a08e3e2bf2e

  • SHA256

    f46c657575ab7a714bbcdd39cb09c1bc4f84652376bc1907260b5be3174e81b2

  • SHA512

    a43055e7eba8919ced4888da263a8e29ddb24ba7279bc7f4a6f82a97cd0074eef9eb2ef7b59a44bfa84cb5637e435ee0feaa9c2ec14b811da942a8832d294791

  • SSDEEP

    384:fPyZNjtU2m+wZDsJCwypCGmbvRCbjKBSLtljHxtEo4HpzEAxAWkj:HyZ3+pOpbZCtLtBRsNEAxA5

Score
10/10
evasionpersistenceprivilege_escalation

Malware Config

Targets

    • Target

      0088e298e23cf2d7ef8e5b247efbb84b_JaffaCakes118

    • Size

      22KB

    • MD5

      0088e298e23cf2d7ef8e5b247efbb84b

    • SHA1

      bdd483d8471162868e25f9ade49e0a08e3e2bf2e

    • SHA256

      f46c657575ab7a714bbcdd39cb09c1bc4f84652376bc1907260b5be3174e81b2

    • SHA512

      a43055e7eba8919ced4888da263a8e29ddb24ba7279bc7f4a6f82a97cd0074eef9eb2ef7b59a44bfa84cb5637e435ee0feaa9c2ec14b811da942a8832d294791

    • SSDEEP

      384:fPyZNjtU2m+wZDsJCwypCGmbvRCbjKBSLtljHxtEo4HpzEAxAWkj:HyZ3+pOpbZCtLtBRsNEAxA5

    Score
    10/10
    evasionpersistenceprivilege_escalation

    • Modifies firewall policy service

      evasion

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks