General
Target: 0088e298e23cf2d7ef8e5b247efbb84b_JaffaCakes118
Size: 22KB
Sample: 240619-z4yx6ssamd
MD5: 0088e298e23cf2d7ef8e5b247efbb84b
SHA1: bdd483d8471162868e25f9ade49e0a08e3e2bf2e
SHA256: f46c657575ab7a714bbcdd39cb09c1bc4f84652376bc1907260b5be3174e81b2
SHA512: a43055e7eba8919ced4888da263a8e29ddb24ba7279bc7f4a6f82a97cd0074eef9eb2ef7b59a44bfa84cb5637e435ee0feaa9c2ec14b811da942a8832d294791
SSDEEP: 384:fPyZNjtU2m+wZDsJCwypCGmbvRCbjKBSLtljHxtEo4HpzEAxAWkj:HyZ3+pOpbZCtLtBRsNEAxA5
Static task: static1
Behavioral task: behavioral1
  Sample: 0088e298e23cf2d7ef8e5b247efbb84b_JaffaCakes118.dll
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 0088e298e23cf2d7ef8e5b247efbb84b_JaffaCakes118.dll
  Resource: win10v2004-20240611-en
Malware Config
Targets
Target: 0088e298e23cf2d7ef8e5b247efbb84b_JaffaCakes118
Score: 10/10
Modifies firewall policy service
Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    AppInit DLLs (1)
Privilege Escalation
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    AppInit DLLs (1)