Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2a9c2055eb3ae1f0c97059f30bef9a75_JaffaCakes118
-
Size
920KB
-
Sample
240708-ch61bszcje
-
MD5
2a9c2055eb3ae1f0c97059f30bef9a75
-
SHA1
a0e8f260716e6fd0c5f60532fe1a7e9d244b22b8
-
SHA256
5d05135b012e45809db6aac2495201c32f94e59bab6a66307e898c5dc9e9e2d1
-
SHA512
816f22601219c9af41cfbbdedf8192e5b86a956fba1b653a6a7880cf96e48f4e2d470b4751bd10fce17d1d1a183ada8a4afa03cf3349409246b3e8eaa6fb5574
-
SSDEEP
12288:5iu7xXNAZGLh1fd0MNWc7j3SRX1Xr41+HczP/e7gV/ngTCzc2W7zCf5tenIXkS/m:MutXdLCatt/e8SPrG
Static task
static1
Behavioral task
behavioral1
Sample
2a9c2055eb3ae1f0c97059f30bef9a75_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2a9c2055eb3ae1f0c97059f30bef9a75_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Targets
-
-
Target
2a9c2055eb3ae1f0c97059f30bef9a75_JaffaCakes118
-
Size
920KB
-
MD5
2a9c2055eb3ae1f0c97059f30bef9a75
-
SHA1
a0e8f260716e6fd0c5f60532fe1a7e9d244b22b8
-
SHA256
5d05135b012e45809db6aac2495201c32f94e59bab6a66307e898c5dc9e9e2d1
-
SHA512
816f22601219c9af41cfbbdedf8192e5b86a956fba1b653a6a7880cf96e48f4e2d470b4751bd10fce17d1d1a183ada8a4afa03cf3349409246b3e8eaa6fb5574
-
SSDEEP
12288:5iu7xXNAZGLh1fd0MNWc7j3SRX1Xr41+HczP/e7gV/ngTCzc2W7zCf5tenIXkS/m:MutXdLCatt/e8SPrG
Score10/10-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Active Setup
1Registry Run Keys / Startup Folder
2Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
3Active Setup
1Registry Run Keys / Startup Folder
2Create or Modify System Process
1Windows Service
1