General

  • Target

    035e25debf48535a889855c37a911392_JaffaCakes118

  • Size

    21KB

  • Sample

    240620-ghyfeascrb

  • MD5

    035e25debf48535a889855c37a911392

  • SHA1

    5b5ca2dc7ae8e8e038a35e1a2082503a85578b4a

  • SHA256

    e0a1191dca5a6206457f2624b310fae986173dc23945e073b2373dc531b51463

  • SHA512

    7f116e07eaa1460d368dec1ebd67ec2e2a91ec9bd6f28668e3d257add8b553d2488d1c61d4617bc64324e1d36913cc453a818f48289bf5314f073abb2a0cc1fe

  • SSDEEP

    384:1PyZNjtU2mKoJqfb/arNN2obxuzg/2zbdOZWcN+ujTYLzurzENnAk+Ic+:NyZrhkxuyabdinEzcENd+IN

Targets

    • Target

      035e25debf48535a889855c37a911392_JaffaCakes118

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory
