General
Target: 3e1e326d566df230ecf302443d6c7765_JaffaCakes118
Size: 3.6MB
Sample: 240712-vapees1hnn
MD5: 3e1e326d566df230ecf302443d6c7765
SHA1: faca21cac51ceb1ba21eea25e1d28ebba32b50ad
SHA256: 90e4e06c0125b4934bb0ccd081c00d4323501feb7bcce21d282dd9dee67f41e0
SHA512: a7ba09479cc75cc17a9c329f0b114e3f77b7ae7aec116d0fd5dd584a10cac8de5c648218aac882162ccb111fdd5354ec0a4d6484e986e226c4519fd05d48a4fa
SSDEEP: 49152:DYua2CnTPy2zsRpZjhNmb5sSoAqzV0E22tinoaWBxazxTJRZSx:DYua2oTPy2oHCoAqPinoaWBxazxTEx
Static task: static1
Behavioral task: behavioral1
Sample: 3e1e326d566df230ecf302443d6c7765_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 3e1e326d566df230ecf302443d6c7765_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: 3e1e326d566df230ecf302443d6c7765_JaffaCakes118
Score: 10/10

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15
Privilege Escalation
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
Defense Evasion
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Impair Defenses (1)
    Disable or Modify Tools (1)
  Modify Registry (2)
  Pre-OS Boot (1)
    Bootkit (1)