Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2619fc0e1164e34cb38db9b006b712d9_JaffaCakes118
-
Size
72KB
-
Sample
240704-ywvecawglj
-
MD5
2619fc0e1164e34cb38db9b006b712d9
-
SHA1
d9a1fea4c9e528fb9dc9de4a184f1c8a6ab62b2f
-
SHA256
43c557f31dd08c6d4427571c99324d5070fac9b3782b4df110e0e62c0611a5d6
-
SHA512
be23c422f457d277aa8fd8111700390a8c1293df2501fc5cc8e61f9bf4161c78211c6da4f1be2cce37a3d6aedc9ddb960b41d63377be91cbafd78ca6e2aee59b
-
SSDEEP
768:kAx1gWpJqddHs/FcN8wgNWYle9JPVnHkN9/fq6WIuteJSh0AlZpmYXrnut5EjHaC:iYcObNZdfq6WztDrpTC3js8zNj0Ja8
Malware Config
Targets
-
-
Target
2619fc0e1164e34cb38db9b006b712d9_JaffaCakes118
-
Size
72KB
-
MD5
2619fc0e1164e34cb38db9b006b712d9
-
SHA1
d9a1fea4c9e528fb9dc9de4a184f1c8a6ab62b2f
-
SHA256
43c557f31dd08c6d4427571c99324d5070fac9b3782b4df110e0e62c0611a5d6
-
SHA512
be23c422f457d277aa8fd8111700390a8c1293df2501fc5cc8e61f9bf4161c78211c6da4f1be2cce37a3d6aedc9ddb960b41d63377be91cbafd78ca6e2aee59b
-
SSDEEP
768:kAx1gWpJqddHs/FcN8wgNWYle9JPVnHkN9/fq6WIuteJSh0AlZpmYXrnut5EjHaC:iYcObNZdfq6WztDrpTC3js8zNj0Ja8
Score10/10-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1