General
Target: 3e23718b6beeaa586cad052496f8a0e4_JaffaCakes118
Size: 266KB
Sample: 240712-vex75athqc
MD5: 3e23718b6beeaa586cad052496f8a0e4
SHA1: 1528840191e3960707c552ce301c1f90aea13be5
SHA256: 6b5c042a29ef8f8ce557ed6603a747735872a6fd4108e9716c878d4c50f7efb3
SHA512: 34da0d22acf22b97564c8c4d6dae9e4c9be87fe5a0bb9cf4c1d0a6d622a64c507df22ec9814392773a7151d6f60c1df8c8676e8de981966bfb30c24cc27e2631
SSDEEP: 6144:QHIutQSUa+czWbg9SGxPnvQ39Sdhf6WY/e:5WQLczWbg9VPvQtChY/
Static task: static1
Behavioral task: behavioral1
Sample: 3e23718b6beeaa586cad052496f8a0e4_JaffaCakes118.exe
Resource: win7-20240705-en
Malware Config
Targets
Modifies security service
Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
Disables taskbar notifications via registry modification
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (2)
    Active Setup (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)
Privilege Escalation
  Boot or Logon Autostart Execution (2)
    Active Setup (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)