General

  • Target

    2d3cbf910df43264235e8a4d43bd7557_JaffaCakes118

  • Size

    244KB

  • Sample

    240708-v79rmazgrj

  • MD5

    2d3cbf910df43264235e8a4d43bd7557

  • SHA1

    dd4345ab1d5efee41909f9e125b398e041e30264

  • SHA256

    ead0fc1c3c02bdad700377ea7a370168961c0ab8bf3446354f6ddc12935e869b

  • SHA512

    de6a72a32b6be0048ea3f5d3f80432e92083def8bb0a82946f6433dabbcdf024afe2d24f173e672b353713ffab03c0afa932f9153dae0dc5e4450f219af9c5ac

  • SSDEEP

    3072:IwJInJ1CeJ3ixPRUNk9ay+GFuzakZRNmGCKsLo7i8Q:ILnJSxPLtu2kZtCKsLo7i

Malware Config

Targets

    • Server Software Component: Terminal Services DLL

    • Executes dropped EXE

    • Impair Defenses: Safe Mode Boot

    • Loads dropped DLL

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks