General
Target: 36667675d3d0e269a72040b1fa9ecc18_JaffaCakes118
Size: 2.6MB
Sample: 240710-z2fzkszgjl
MD5: 36667675d3d0e269a72040b1fa9ecc18
SHA1: 342fc706135d50f5f817a6026036982c41089c66
SHA256: e71388d64eb31b53e1b569034e3cd95231e83fd935b3fdf0e587ea2d5ce206ff
SHA512: e80c12cce32688c41ebc83dcc63fbab783a4df987ed3d0e2c8ebc50f1296e170f2b5dc9de536c262a8c96e6efafad05b54c2e8429abd000f16cdf1ff3e141f60
SSDEEP: 24576:3uhaoeZJ8NI8TOYeZJ8NI8TOYeZJ8NI8TOYeZJ8NI8TOYeZJ8NI8TOYeZJ8NI8T7:Ys8g8g8g8g8g8/
Behavioral task: behavioral1
Sample: 36667675d3d0e269a72040b1fa9ecc18_JaffaCakes118.exe
Resource: win7-20240704-en

Behavioral task: behavioral2
Sample: 36667675d3d0e269a72040b1fa9ecc18_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: 36667675d3d0e269a72040b1fa9ecc18_JaffaCakes118
Score: 10/10

Modifies visibility of file extensions in Explorer

Blocks application from running via registry modification
    Adds application to list of disallowed applications.

Event Triggered Execution: Image File Execution Options Injection

Executes dropped EXE

Loads dropped DLL

Drops autorun.inf file
    Malware can abuse Windows Autorun to spread further via attached volumes.

Drops file in System32 directory
MITRE ATT&CK Enterprise v15

Persistence
    Create or Modify System Process (1)
        Windows Service (1)
    Event Triggered Execution (1)
        Image File Execution Options Injection (1)

Privilege Escalation
    Create or Modify System Process (1)
        Windows Service (1)
    Event Triggered Execution (1)
        Image File Execution Options Injection (1)