General

  • Target

    2a9c2055eb3ae1f0c97059f30bef9a75_JaffaCakes118

  • Size

    920KB

  • Sample

    240708-ch61bszcje

  • MD5

    2a9c2055eb3ae1f0c97059f30bef9a75

  • SHA1

    a0e8f260716e6fd0c5f60532fe1a7e9d244b22b8

  • SHA256

    5d05135b012e45809db6aac2495201c32f94e59bab6a66307e898c5dc9e9e2d1

  • SHA512

    816f22601219c9af41cfbbdedf8192e5b86a956fba1b653a6a7880cf96e48f4e2d470b4751bd10fce17d1d1a183ada8a4afa03cf3349409246b3e8eaa6fb5574

  • SSDEEP

    12288:5iu7xXNAZGLh1fd0MNWc7j3SRX1Xr41+HczP/e7gV/ngTCzc2W7zCf5tenIXkS/m:MutXdLCatt/e8SPrG

Score
10/10

Targets

    • Target

      2a9c2055eb3ae1f0c97059f30bef9a75_JaffaCakes118

    Score
    10/10
    • Modifies firewall policy service

    • Adds policy Run key to start application

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
