Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

0159d2f6c5...18.dll

windows7-x64

10

0159d2f6c5...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0159d2f6c5d67bc644f7048e9ca4bbff_JaffaCakes118

  • Size

    23KB

  • Sample

    240620-afsntasfpj

  • MD5

    0159d2f6c5d67bc644f7048e9ca4bbff

  • SHA1

    4fe8f9ce18191c798bcfacb5618c7b1cf0f175bc

  • SHA256

    f796e1ecdc8806de7fe9f6d2f9e99db9cc651371ec698460d0013b83447d681f

  • SHA512

    7ea35f1c1e7148be88f4b75f4a212f4b0bf2c6b986483961e22908a3e64c912bd540a1bb093e765cdf53a2dcbc629fdc4ad85f327efbb9619f83b0483a6362b3

  • SSDEEP

    384:CyVlNjtU2eFMgUSNHFAfEo7NuBocta8sLIDvFhrzLhiDqEj17rTPFDzElFB6c:HVlD8m57NbcTSIjQDBlvF/ElFBV

Score
10/10
evasionpersistenceprivilege_escalation

Malware Config

Targets

    • Target

      0159d2f6c5d67bc644f7048e9ca4bbff_JaffaCakes118

    • Size

      23KB

    • MD5

      0159d2f6c5d67bc644f7048e9ca4bbff

    • SHA1

      4fe8f9ce18191c798bcfacb5618c7b1cf0f175bc

    • SHA256

      f796e1ecdc8806de7fe9f6d2f9e99db9cc651371ec698460d0013b83447d681f

    • SHA512

      7ea35f1c1e7148be88f4b75f4a212f4b0bf2c6b986483961e22908a3e64c912bd540a1bb093e765cdf53a2dcbc629fdc4ad85f327efbb9619f83b0483a6362b3

    • SSDEEP

      384:CyVlNjtU2eFMgUSNHFAfEo7NuBocta8sLIDvFhrzLhiDqEj17rTPFDzElFB6c:HVlD8m57NbcTSIjQDBlvF/ElFBV

    Score
    10/10
    evasionpersistenceprivilege_escalation

    • Modifies firewall policy service

      evasion

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks