General

  • Target

    14d9e3f77834c1f2b5282a057fe9040d_JaffaCakes118

  • Size

    166KB

  • Sample

    240627-gbckcsxdqq

  • MD5

    14d9e3f77834c1f2b5282a057fe9040d

  • SHA1

    b2c78b9378bb1bf07566b2d1acb116c7f463a616

  • SHA256

    64158f10fe114bce246b5ff68404d9a2c141ac882d9061c1dd2bd78e2d457272

  • SHA512

    2845eda2e004df599dccb217f8da9b3db1535b7faa539b8ad1bc19d1a0364262decb528b68c9090f794b4b46c1adbe0ed52e0721d899681ae76d9f14f0ea9d22

  • SSDEEP

    3072:eTU56gVxj27Nel6fewiVWFZWm7TR1uNZ8:14jfGWyK8y

Targets

    • Target

      14d9e3f77834c1f2b5282a057fe9040d_JaffaCakes118

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
