Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    29ea15e2f6f1203efc43b70f5db5fbdd_JaffaCakes118

  • Size

    26KB

  • Sample

    240707-mb2gdazanl

  • MD5

    29ea15e2f6f1203efc43b70f5db5fbdd

  • SHA1

    da8e620ca8414d67c5a825101a41d1bd04c812fd

  • SHA256

    ccec33ce2d9ed55126413d630f73dc1cc3be73079d70066aaa98a24d513ae26b

  • SHA512

    7d56ea661fe47121bf3484cb6b45f2f0ca31344429773092722728692cdf95dc24136806f6da3e40aa1150c689b4f997685f72f4ae37eaf93371238909209db6

  • SSDEEP

    768:A8NUhbRKfWLFUwoSY2+zyYlesjAN3H/nIC3:A9bLFUjN2+zy+jwvnIC

Score
8/10

Malware Config

Targets

    • Target

      29ea15e2f6f1203efc43b70f5db5fbdd_JaffaCakes118

    • Size

      26KB

    • MD5

      29ea15e2f6f1203efc43b70f5db5fbdd

    • SHA1

      da8e620ca8414d67c5a825101a41d1bd04c812fd

    • SHA256

      ccec33ce2d9ed55126413d630f73dc1cc3be73079d70066aaa98a24d513ae26b

    • SHA512

      7d56ea661fe47121bf3484cb6b45f2f0ca31344429773092722728692cdf95dc24136806f6da3e40aa1150c689b4f997685f72f4ae37eaf93371238909209db6

    • SSDEEP

      768:A8NUhbRKfWLFUwoSY2+zyYlesjAN3H/nIC3:A9bLFUjN2+zy+jwvnIC

    Score
    8/10
    • Drops file in Drivers directory

    • Event Triggered Execution: Image File Execution Options Injection

    • Server Software Component: Terminal Services DLL

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks