General

  • Target

    14882e222e00685cb3700a6bc1c6deeb_JaffaCakes118

  • Size

    24KB

  • Sample

    240627-d386vszgjh

  • MD5

    14882e222e00685cb3700a6bc1c6deeb

  • SHA1

    09eb0f3d4dc19c7a49548dbbeea711495f0fe422

  • SHA256

    d5e8e64d63f6a3b11ae0ff742fe7682dd7a67e2e8d588cfd6b9e2db983cb6dfd

  • SHA512

    7864fe2a806f1e9fc2f9f30c067cc05b1c757a550b6061fdf9996c1ab8322fbdd301d8fdc6dbc850e04e884d93db90403f2879f7781cc1e71339a7bb956e253a

  • SSDEEP

    384:s/7e8zdTyBsyqAIZhg8wwgSQA/bIgRtEnSj67xkJ8Xp6dLMtXebNImv4+YXg1wmD:qWsyqAggjATbfdjIXp6xImv2swoz

Targets

    • Target

      14882e222e00685cb3700a6bc1c6deeb_JaffaCakes118

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Drops file in Drivers directory

    • Deletes itself

    • Executes dropped EXE

    • Impair Defenses: Safe Mode Boot

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
