General

  • Target

    14e679adb6ea96365c31513d890e4267_JaffaCakes118

  • Size

    100KB

  • Sample

    240627-glykksxhmn

  • MD5

    14e679adb6ea96365c31513d890e4267

  • SHA1

    675223e14e4d6f6aaba8098ddd323acf319dc976

  • SHA256

    8ece77fea65d52541c7366a226c4cc555c98f46f09a4cda7e02bf645e3242e65

  • SHA512

    4945194e9b77d97786a4713c97fb53fedb4ba67ed1796c541710906a01b04cad63acfc90acd5dc9fecb2bd5315643e1bc02647c2ea52f2ed8974cf4743c4e82c

  • SSDEEP

    3072:Te6nUIwuEwmx+iwUDA1fhQWkcnx0YPLgo47Y:6mRwuyxONI7Y

Targets

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
