General

  • Target

    22dd39db0489272af6af0c20d213f62c_JaffaCakes118

  • Size

    245KB

  • Sample

    240703-szbhrawfjb

  • MD5

    22dd39db0489272af6af0c20d213f62c

  • SHA1

    026b92a6ff74a689fdfcd7484c14931601564e24

  • SHA256

    162e75673dc2873b99c895f48d8b1621296c8fdde2e98dd70dd490999ef8e03e

  • SHA512

    7efd5ff67a42a56ddeb977193290678358d9b8d8b247c9b896857b0d6ac782864292f4685c296355c6f136e2ec38b1cdfbafcf8b6b2b47745be936f7c7b03c9b

  • SSDEEP

    6144:+pAwrYwShsVZffYGw4veAEZ2uaUQ2vdEHFhfN:+9rOGZfw2E4mQiMF

Score
10/10

Targets

    • Target

      22dd39db0489272af6af0c20d213f62c_JaffaCakes118

    • Modifies WinLogon for persistence

    • Adds Run key to start application

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies WinLogon
