General
Target: 14f88a2abea6068b178f7048ba6f37a7_JaffaCakes118
Size: 89KB
Sample: 240627-g4bhrswdre
MD5: 14f88a2abea6068b178f7048ba6f37a7
SHA1: d436d5e99a9670d9193c95e43d2eede84b1385fb
SHA256: 1ccec6ca6121d6c8f963371bbe5233e607d881eb9df1fbdb689f8d749000b5e5
SHA512: 8c0de6d07970c5f683219da4122af525d8ce899c408cba8d82932da1a549beda72f94b7e8f2f421fd140eaed7d99a09d596531dfd3766884b5347f4ad316d3bf
SSDEEP: 1536:VE/nwTl9e12Jpu+z5ds06EEssa9aNJYtbfRiiZh8M2NFy:VEel9q2JphzvqEOiZh8M2
Behavioral task: behavioral1
Sample: 14f88a2abea6068b178f7048ba6f37a7_JaffaCakes118.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 14f88a2abea6068b178f7048ba6f37a7_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 14f88a2abea6068b178f7048ba6f37a7_JaffaCakes118
Modifies firewall policy service
Blocklisted process makes network request
Drops file in Drivers directory
ACProtect 1.3x - 1.4x DLL software: Detects file using ACProtect software.
Deletes itself
Impair Defenses: Safe Mode Boot
Loads dropped DLL
Modifies WinLogon
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Winlogon Helper DLL (1)
  Browser Extensions (1)
  Create or Modify System Process (1)
    Windows Service (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Winlogon Helper DLL (1)
  Create or Modify System Process (1)
    Windows Service (1)