General

  • Target

    128394c4fa5db44d001d415665c98edf_JaffaCakes118

  • Size

    39KB

  • Sample

    240626-s5ga7atfmr

  • MD5

    128394c4fa5db44d001d415665c98edf

  • SHA1

    fbbe024ddc3f552bb53f495b73d6626bf6d27559

  • SHA256

    33a37adad6fb9555f45400fcb164140bef02b07fdc8c964ce5b6fc8bc22b7257

  • SHA512

    b212fdeb79103ae5e86b42cd0269482f2ac1be432f79f7e0898bf00eec4c9886a02ab76a849a2751ee7b2db055c63e525dd6addc40fe33dd0bc6d9ccba4264cf

  • SSDEEP

    768:B3n6+CxWcvDHq0o7kuN7GGbziD9QdfUUcAQnRGXu0Q9SQcD:B36CcxWkuJG4o9QGUcXnRQ75QK

Targets

    • Grants admin privileges

      Uses net.exe to modify the user's privileges.

    • Event Triggered Execution: Image File Execution Options Injection

    • Executes dropped EXE

    • Adds Run key to start application

    • Modifies WinLogon

    • Drops file in System32 directory

    • Hide Artifacts: Hidden Users

MITRE ATT&CK Enterprise v15