Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
267773fdad7ae1984bfc052fb653903d_JaffaCakes118
-
Size
60KB
-
Sample
240704-2fvlysvfne
-
MD5
267773fdad7ae1984bfc052fb653903d
-
SHA1
b6c5bf1bafd819405282680b110832ef90e245eb
-
SHA256
b0808e2245fc5fb4fb12056f711729df27d9a01faa276894928af2580b8d9e37
-
SHA512
1b6dc400338f7aeeb11082a54d6d4a8d694230ed68c88e4e23c4142592c6b30823bf37d055b4f3ba1941114d88b82203dfce7691932f5635c0dd82feb375c215
-
SSDEEP
1536:bQhWdNgUP4/3ZiWY+6V1NLCBT8bjltWOjdZ7:ngPZY+Q0ubptWO5N
Malware Config
Targets
-
-
Target
267773fdad7ae1984bfc052fb653903d_JaffaCakes118
-
Size
60KB
-
MD5
267773fdad7ae1984bfc052fb653903d
-
SHA1
b6c5bf1bafd819405282680b110832ef90e245eb
-
SHA256
b0808e2245fc5fb4fb12056f711729df27d9a01faa276894928af2580b8d9e37
-
SHA512
1b6dc400338f7aeeb11082a54d6d4a8d694230ed68c88e4e23c4142592c6b30823bf37d055b4f3ba1941114d88b82203dfce7691932f5635c0dd82feb375c215
-
SSDEEP
1536:bQhWdNgUP4/3ZiWY+6V1NLCBT8bjltWOjdZ7:ngPZY+Q0ubptWO5N
Score8/10-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
2AppInit DLLs
1Netsh Helper DLL
1