Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    43f4a2878cadd6343b497ff2fb490856_JaffaCakes118

  • Size

    26KB

  • Sample

    240714-c3eftatcqm

  • MD5

    43f4a2878cadd6343b497ff2fb490856

  • SHA1

    7909df003d31fe602dcf02427221b6a3fcca2585

  • SHA256

    f6040b4047094868e17be9428ea636efb9406f6526e2eb10a3f3917e48c96f6a

  • SHA512

    1742a70157a5872346acb2724ae9de324633f92cb7429061735587359ba01c7d3ab95b96fe6b8cd60f6a47192e1793c164769f63bcc8d56e3d5b732e21953a88

  • SSDEEP

    768:Chw2aHt0dcYsITFT2jqQKG/d4uH8Czb0OmSM:Ww2UF9IJs5f/d42zbgb

Score
10/10

Malware Config

Targets

    • Target

      43f4a2878cadd6343b497ff2fb490856_JaffaCakes118

    • Size

      26KB

    • MD5

      43f4a2878cadd6343b497ff2fb490856

    • SHA1

      7909df003d31fe602dcf02427221b6a3fcca2585

    • SHA256

      f6040b4047094868e17be9428ea636efb9406f6526e2eb10a3f3917e48c96f6a

    • SHA512

      1742a70157a5872346acb2724ae9de324633f92cb7429061735587359ba01c7d3ab95b96fe6b8cd60f6a47192e1793c164769f63bcc8d56e3d5b732e21953a88

    • SSDEEP

      768:Chw2aHt0dcYsITFT2jqQKG/d4uH8Czb0OmSM:Ww2UF9IJs5f/d42zbgb

    Score
    10/10
    • Modifies security service

    • Modifies visiblity of hidden/system files in Explorer

    • Event Triggered Execution: Image File Execution Options Injection

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

MITRE ATT&CK Enterprise v15

Tasks