Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
035e25debf48535a889855c37a911392_JaffaCakes118
-
Size
21KB
-
Sample
240620-ghyfeascrb
-
MD5
035e25debf48535a889855c37a911392
-
SHA1
5b5ca2dc7ae8e8e038a35e1a2082503a85578b4a
-
SHA256
e0a1191dca5a6206457f2624b310fae986173dc23945e073b2373dc531b51463
-
SHA512
7f116e07eaa1460d368dec1ebd67ec2e2a91ec9bd6f28668e3d257add8b553d2488d1c61d4617bc64324e1d36913cc453a818f48289bf5314f073abb2a0cc1fe
-
SSDEEP
384:1PyZNjtU2mKoJqfb/arNN2obxuzg/2zbdOZWcN+ujTYLzurzENnAk+Ic+:NyZrhkxuyabdinEzcENd+IN
Static task
static1
Behavioral task
behavioral1
Sample
035e25debf48535a889855c37a911392_JaffaCakes118.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
035e25debf48535a889855c37a911392_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
035e25debf48535a889855c37a911392_JaffaCakes118
-
Size
21KB
-
MD5
035e25debf48535a889855c37a911392
-
SHA1
5b5ca2dc7ae8e8e038a35e1a2082503a85578b4a
-
SHA256
e0a1191dca5a6206457f2624b310fae986173dc23945e073b2373dc531b51463
-
SHA512
7f116e07eaa1460d368dec1ebd67ec2e2a91ec9bd6f28668e3d257add8b553d2488d1c61d4617bc64324e1d36913cc453a818f48289bf5314f073abb2a0cc1fe
-
SSDEEP
384:1PyZNjtU2mKoJqfb/arNN2obxuzg/2zbdOZWcN+ujTYLzurzENnAk+Ic+:NyZrhkxuyabdinEzcENd+IN
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1