General
Target: 43f4a2878cadd6343b497ff2fb490856_JaffaCakes118
Size: 26KB
Sample: 240714-c3eftatcqm
MD5: 43f4a2878cadd6343b497ff2fb490856
SHA1: 7909df003d31fe602dcf02427221b6a3fcca2585
SHA256: f6040b4047094868e17be9428ea636efb9406f6526e2eb10a3f3917e48c96f6a
SHA512: 1742a70157a5872346acb2724ae9de324633f92cb7429061735587359ba01c7d3ab95b96fe6b8cd60f6a47192e1793c164769f63bcc8d56e3d5b732e21953a88
SSDEEP: 768:Chw2aHt0dcYsITFT2jqQKG/d4uH8Czb0OmSM:Ww2UF9IJs5f/d42zbgb
Static task: static1
Behavioral task: behavioral1
  Sample: 43f4a2878cadd6343b497ff2fb490856_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 43f4a2878cadd6343b497ff2fb490856_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
Malware Config
Targets
Target: 43f4a2878cadd6343b497ff2fb490856_JaffaCakes118
Score: 10/10
Modifies security service
Modifies visibility of hidden/system files in Explorer
Event Triggered Execution: Image File Execution Options Injection
Deletes itself
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
MITRE ATT&CK Enterprise v15
Persistence
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    Image File Execution Options Injection (1)
Privilege Escalation
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    Image File Execution Options Injection (1)
Defense Evasion
  Hide Artifacts (1)
    Hidden Files and Directories (1)
  Modify Registry (3)