General

  • Target

    2293e7bf4a4f2a20485f6f47869eedec_JaffaCakes118

  • Size

    246KB

  • Sample

    240703-q5p7zszfre

  • MD5

    2293e7bf4a4f2a20485f6f47869eedec

  • SHA1

    92a71a8096e7d3931835e7f7906527239caef5b5

  • SHA256

    1f775b1b363099769a893f51212ddd817a008bf4ad2586851f2807e741d4659a

  • SHA512

    5ee408b69320c8cb2edb36614877209f08513fcb7bcdb51e0ac6592fec56f6dbc1bcb83e931aa6842c6681006a134041f997f472378cba9d465e5d7374d268ae

  • SSDEEP

    6144:ueEUq3/sSzA7pfXG7m9ln3T4Y9qd4yqUTJ7nTti:2M7p0mnn3kYYdeUTtpi

Targets

    Score: 10/10

    • Modifies WinLogon for persistence

    • Adds Run key to start application

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies WinLogon
