General

  • Target

    451f9f17ad02a28156283a7d689f1b7e_JaffaCakes118

  • Size

    266KB

  • Sample

    240714-ktbmkawerd

  • MD5

    451f9f17ad02a28156283a7d689f1b7e

  • SHA1

    f82aa99a79df0238e8acca041d7a9b5a0cd0b0d0

  • SHA256

    647152250e30c698a03b26fcb70609d9833dfc4e5b0b78ad3f331fd2e1ad01ab

  • SHA512

    a3882b6ee16b7515dd9049484dd9d4f0a90a0b162cf90079ee07dd5677bd14328b98b660898c2e6cadf02b29b1e04a08d28758612dd864868790b9dad99214bb

  • SSDEEP

    6144:pGl75MNTwpRAO02kWWIkFFNyL90lKKhjgcDRznAqnlC:gl75MwRd0KGF+2gSdAglC

Score
10/10

Targets

    Score
    10/10
    • Modifies WinLogon for persistence

    • Adds Run key to start application

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies WinLogon
