Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2ccc661089b5ed1583e7837fcf701aaf_JaffaCakes118
-
Size
1.5MB
-
Sample
240708-sjk29axdkc
-
MD5
2ccc661089b5ed1583e7837fcf701aaf
-
SHA1
06b46194964cd43f12c9b7f15bb2f425d93b3c3b
-
SHA256
b341f43b5b157c9719d839b3e768c921338443bf7e2e1b835f1f3a4be3efa416
-
SHA512
2965fc9927f607afe9d2f460220c2621e1c6c4babeb96b5b9cd120e1964805eb9ef8f01177c73ab344084f66baa3c2fb2190ff3aba514498c436fd44b7592135
-
SSDEEP
24576:3uhaperQZb+md4wmaerQZb+md4wmieZJ8NI8/ETKwNJqsaS2ROv:YYerQZbd2+erQZbd2f8/ETNflqROv
Behavioral task
behavioral1
Sample
2ccc661089b5ed1583e7837fcf701aaf_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
2ccc661089b5ed1583e7837fcf701aaf_JaffaCakes118.exe
Resource
win10v2004-20240708-en
Malware Config
Targets
-
-
Target
2ccc661089b5ed1583e7837fcf701aaf_JaffaCakes118
-
Size
1.5MB
-
MD5
2ccc661089b5ed1583e7837fcf701aaf
-
SHA1
06b46194964cd43f12c9b7f15bb2f425d93b3c3b
-
SHA256
b341f43b5b157c9719d839b3e768c921338443bf7e2e1b835f1f3a4be3efa416
-
SHA512
2965fc9927f607afe9d2f460220c2621e1c6c4babeb96b5b9cd120e1964805eb9ef8f01177c73ab344084f66baa3c2fb2190ff3aba514498c436fd44b7592135
-
SSDEEP
24576:3uhaperQZb+md4wmaerQZb+md4wmieZJ8NI8/ETKwNJqsaS2ROv:YYerQZbd2+erQZbd2f8/ETNflqROv
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Image File Execution Options Injection
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Image File Execution Options Injection
1