General
-
Target
45bca69dda7d4c27267c95d921e156a2_JaffaCakes118
-
Size
2.7MB
-
Sample
240714-n8rtwasbkb
-
MD5
45bca69dda7d4c27267c95d921e156a2
-
SHA1
dd8a119fdbafbb961c344317080e1d061096fc63
-
SHA256
1cc2233b6a521d711edb9635f9041d9a235f2886370c8450e8c485adddf489c7
-
SHA512
aed8ba648607b72aecae3eb0cb3ff716055e12c514c93c0953ea269a911ad235135a48d29f885725f5c30b24be9fb3ee6909f6705360255f43d219b5e17846a9
-
SSDEEP
49152:08a8pojd8a8pojd8a8pojd8a8pojd8a8pojO0:a
Behavioral task
behavioral1
Sample
45bca69dda7d4c27267c95d921e156a2_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
45bca69dda7d4c27267c95d921e156a2_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
45bca69dda7d4c27267c95d921e156a2_JaffaCakes118
Score
10/10
-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Image File Execution Options Injection: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Image File Execution Options Injection: 1