General

  • Target

    08034160c327bb95906ebe7bf1dfe448_JaffaCakes118

  • Size

    43KB

  • Sample

    240620-vjp3basdqm

  • MD5

    08034160c327bb95906ebe7bf1dfe448

  • SHA1

    9c464ea0b72cf03864e8b006f58646cb04dc00b9

  • SHA256

    92d09a697a2e51dcd1ce9d5245e4598da8e074604eb1425b6e7e4347f3ef64df

  • SHA512

    05846c34cf499d3ff1525f24bba984df06edd6e3d0e4153c2634dc73eca8ce432041ebf4adaf6b1894050602c325fe62ee7235338ee3ef9a9e4b92daf24635be

  • SSDEEP

    768:3PJadenAqtYQnaXH96rV2kllriFqR7Atmqfvfj7sMC72ZWzFwKF/Kppl8:3PnAClrVLTrEqNAxvXsf7rzV/KpX8

Targets

    • Target

      08034160c327bb95906ebe7bf1dfe448_JaffaCakes118

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies WinLogon

    • Drops file in System32 directory
