General
-
Target
0d1c90a830f731e6eefc40f7401df240_JaffaCakes118
-
Size
176KB
-
Sample
240625-hrzv9svhmg
-
MD5
0d1c90a830f731e6eefc40f7401df240
-
SHA1
e41de2563c50bb787a46b7393c1cd6ac21df9293
-
SHA256
aebdfac12809398fe17f1f559c6e77022e9aa01893397060f30ce1a5d57272be
-
SHA512
ff10a9888ad57ea38d8c5163a1e8b80b9c4ee7d3937f01d1f3a613c55c2c9fd958bb316d15103a7ab1da4c486b23c35308dff544019aff2424bedd905d36d84f
-
SSDEEP
1536:k/WdbpSAH1TQWZS+fN2Ep0FWW4PQV1vh8bJaAj+IXn8zzUYp:k/WdpSQ1TZZS+vp0FW1PQV1vhpM83jp
Static task
static1
Behavioral task
behavioral1
Sample
0d1c90a830f731e6eefc40f7401df240_JaffaCakes118.exe
Resource
win7-20240611-en
Malware Config
Targets
-
-
Target
0d1c90a830f731e6eefc40f7401df240_JaffaCakes118
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Defense Evasion
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Impair Defenses (3)
Disable or Modify Tools (3)
Modify Registry (4)