General

  • Target

    1c186f01de5b2c94942e630f4f777d18_JaffaCakes118

  • Size

    697KB

  • Sample

    240701-xc2tmsxckj

  • MD5

    1c186f01de5b2c94942e630f4f777d18

  • SHA1

    2ed4384640595888c23d90859180d95a64b1f504

  • SHA256

    d3d07d5f9818f7531fa667fefeae8627bb5141c538973624d6c4e403387191b1

  • SHA512

    bc41502b306a20eb99a14a4511a71b37dd25a0e7f43588a80979cc85e2702f558da28213a77585dac3e8005ca215ddc6625b4f2148f6998dcbc57766d5ffc616

  • SSDEEP

    12288:iPPMnQwGCh8TBgsy3h8VJO5hWzRzONjx5dFacPes8FFi3PpXG1/licdVhANT7yk6:EtwNaBg3IOxNjLdF+UG1/lDdVhkCkMPD

Targets

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Executes dropped EXE

    • Loads dropped DLL

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory
