General
-
Target
29ea15e2f6f1203efc43b70f5db5fbdd_JaffaCakes118
-
Size
26KB
-
Sample
240707-mb2gdazanl
-
MD5
29ea15e2f6f1203efc43b70f5db5fbdd
-
SHA1
da8e620ca8414d67c5a825101a41d1bd04c812fd
-
SHA256
ccec33ce2d9ed55126413d630f73dc1cc3be73079d70066aaa98a24d513ae26b
-
SHA512
7d56ea661fe47121bf3484cb6b45f2f0ca31344429773092722728692cdf95dc24136806f6da3e40aa1150c689b4f997685f72f4ae37eaf93371238909209db6
-
SSDEEP
768:A8NUhbRKfWLFUwoSY2+zyYlesjAN3H/nIC3:A9bLFUjN2+zy+jwvnIC
Behavioral task
behavioral1
Sample
29ea15e2f6f1203efc43b70f5db5fbdd_JaffaCakes118.dll
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
29ea15e2f6f1203efc43b70f5db5fbdd_JaffaCakes118.dll
Resource
win10v2004-20240704-en
Malware Config
Targets
-
-
Target
29ea15e2f6f1203efc43b70f5db5fbdd_JaffaCakes118
-
Score
8/10
-
Drops file in Drivers directory
-
Event Triggered Execution: Image File Execution Options Injection
-
Server Software Component: Terminal Services DLL
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
  Event Triggered Execution (1)
    Image File Execution Options Injection (1)
  Server Software Component (1)
    Terminal Services DLL (1)
Privilege Escalation
  Event Triggered Execution (1)
    Image File Execution Options Injection (1)