General

  • Target

    11f19953e60b9fb51290e6e2c957ef83_JaffaCakes118

  • Size

    244KB

  • Sample

    240626-pgssjatgqa

  • MD5

    11f19953e60b9fb51290e6e2c957ef83

  • SHA1

    f6f9145197858347670cfb6e0b286f58abfe485a

  • SHA256

    768a623a22cdcd633110581f30d990823e70a62f4d17acad954b4814b2f42098

  • SHA512

    63cd7714dd56d9187373b7e74a92bad9f7c874b8fa1a954361622cd5e25e6463b067173b4aa8f553116805266874da9d8b26800d70c8b48d8142f7e408574fda

  • SSDEEP

    3072:gwJIKTlc8m1/NlnxklbdHOCTrQ6K3Y9gRCN62D5ReBvPzCxpQToBeEWUH:gLkNm1/NlxEh3QZRCNbD5cBDCxReE3H

Targets

    • Target

      11f19953e60b9fb51290e6e2c957ef83_JaffaCakes118

    • Server Software Component: Terminal Services DLL

    • Executes dropped EXE

    • Impair Defenses: Safe Mode Boot

    • Loads dropped DLL

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory
