Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    12311cc235e275dcc60a730d871f58a0_JaffaCakes118

  • Size

    51KB

  • Sample

    240626-q3sv4axcpc

  • MD5

    12311cc235e275dcc60a730d871f58a0

  • SHA1

    72bd16b83752322a3065e6babe313b7a7a8936aa

  • SHA256

    08b29bebdc1352bb5c37382f3e32a712d12e217339417e99cd278606c2b06004

  • SHA512

    b482b6116cb16999509678c36047b54c71b279f031cc2a098f6283833a825eec5d4f5588bbf7aa4fcf3d9a1bced88c5ea21fa3faa12625ad13ddb17d3a300fa7

  • SSDEEP

    768:PQ1nkeIu1kNVLQKn/HHbGFnJUV9bHZ4Q5y86jdXdWe/tC1rvUr+EEmRHBztZN9Mz:a31kNVLn/bGUV9dpXIdXMFMLRRXMz

Malware Config

Targets

    • Target

      12311cc235e275dcc60a730d871f58a0_JaffaCakes118

    • Size

      51KB

    • MD5

      12311cc235e275dcc60a730d871f58a0

    • SHA1

      72bd16b83752322a3065e6babe313b7a7a8936aa

    • SHA256

      08b29bebdc1352bb5c37382f3e32a712d12e217339417e99cd278606c2b06004

    • SHA512

      b482b6116cb16999509678c36047b54c71b279f031cc2a098f6283833a825eec5d4f5588bbf7aa4fcf3d9a1bced88c5ea21fa3faa12625ad13ddb17d3a300fa7

    • SSDEEP

      768:PQ1nkeIu1kNVLQKn/HHbGFnJUV9bHZ4Q5y86jdXdWe/tC1rvUr+EEmRHBztZN9Mz:a31kNVLn/bGUV9dpXIdXMFMLRRXMz

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Drops file in Drivers directory

    • Deletes itself

    • Executes dropped EXE

    • Impair Defenses: Safe Mode Boot

    • Loads dropped DLL

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks