Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
0f8400701f3a4e6525c490d71f6cf9fd_JaffaCakes118
-
Size
31KB
-
Sample
240625-zvlaqawakl
-
MD5
0f8400701f3a4e6525c490d71f6cf9fd
-
SHA1
4580d3fb9fe2d1b651b9efb3553db4351532153f
-
SHA256
ebaa953b74c972e466c1d44247731f42d68432d0ff9c6b81b9b4bcf9558f13eb
-
SHA512
26311612e5ab752ec90430209d59faf2448830cf38433125b5703b2278769cd46fc74086ce04f46e6aa1a1d870109c6633dfdd42a9fb93f9ba23f046f20bab56
-
SSDEEP
768:RZ3K/FLK2QC91gHsmMmUhNJuk5ZXl+MntUQnbcuyD7U4lGuW0:/AxSDM/pDlDntpnouy84/W0
Static task
static1
Behavioral task
behavioral1
Sample
0f8400701f3a4e6525c490d71f6cf9fd_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
0f8400701f3a4e6525c490d71f6cf9fd_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
0f8400701f3a4e6525c490d71f6cf9fd_JaffaCakes118
-
Size
31KB
-
MD5
0f8400701f3a4e6525c490d71f6cf9fd
-
SHA1
4580d3fb9fe2d1b651b9efb3553db4351532153f
-
SHA256
ebaa953b74c972e466c1d44247731f42d68432d0ff9c6b81b9b4bcf9558f13eb
-
SHA512
26311612e5ab752ec90430209d59faf2448830cf38433125b5703b2278769cd46fc74086ce04f46e6aa1a1d870109c6633dfdd42a9fb93f9ba23f046f20bab56
-
SSDEEP
768:RZ3K/FLK2QC91gHsmMmUhNJuk5ZXl+MntUQnbcuyD7U4lGuW0:/AxSDM/pDlDntpnouy84/W0
Score10/10-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
2Disable or Modify Tools
1Modify Registry
3