Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    1485f0573fb1fd11425316fcd61c075b_JaffaCakes118

  • Size

    19KB

  • Sample

    240627-d2tpsazfmd

  • MD5

    1485f0573fb1fd11425316fcd61c075b

  • SHA1

    b7012fd49533845a91d3aec5023b745606513054

  • SHA256

    84ed4a57332d193ee1949b2be1fe9ee877de854783782b64a9115c1bd5d38034

  • SHA512

    f2faa7e11bb366c9c14601087d35565808050bc486600614a135c122af5aed6a9859382a4567c8be8285f27f5236fd54441f5d00f557f089942505e55e6b6e1c

  • SSDEEP

    384:eGDoJyx4fBJ6gdc8SOSKtnTP+LvI+OaOcI7OXED9YbQzSYGbkOhORSnQz4M:lkyWbc8SJKtTP4vISV6aEEb4OUM

Malware Config

Targets

    • Target

      1485f0573fb1fd11425316fcd61c075b_JaffaCakes118

    • Size

      19KB

    • MD5

      1485f0573fb1fd11425316fcd61c075b

    • SHA1

      b7012fd49533845a91d3aec5023b745606513054

    • SHA256

      84ed4a57332d193ee1949b2be1fe9ee877de854783782b64a9115c1bd5d38034

    • SHA512

      f2faa7e11bb366c9c14601087d35565808050bc486600614a135c122af5aed6a9859382a4567c8be8285f27f5236fd54441f5d00f557f089942505e55e6b6e1c

    • SSDEEP

      384:eGDoJyx4fBJ6gdc8SOSKtnTP+LvI+OaOcI7OXED9YbQzSYGbkOhORSnQz4M:lkyWbc8SJKtTP4vISV6aEEb4OUM

    • Modifies firewall policy service

    • Impair Defenses: Safe Mode Boot

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks