General
-
Target
45e52aeb38c2b1f1fea98312270213e3_JaffaCakes118
-
Size
944KB
-
Sample
240714-p4pz6atcpb
-
MD5
45e52aeb38c2b1f1fea98312270213e3
-
SHA1
50abf4027c97ac75167e3d1116ca2570a6b8a0ed
-
SHA256
0c79795c22c7fce547679d0206b5aa8e50e51ab9bff60446da9541809debc15d
-
SHA512
5c87ffe5e998e6a9e54011a9cb95c8f6e8914f17cec597e160abcc21045461715f404f881bf0ad26c40cfdf1ec259b72050f68c5a09555bd52d6d50ff0106485
-
SSDEEP
12288:3ZWtI6RkQLunu0Ku9O1Lunu0KuDBZJqQZy5SfOROv:3uhaQhABZJqsaS2ROv
Behavioral task
behavioral1
Sample
45e52aeb38c2b1f1fea98312270213e3_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
45e52aeb38c2b1f1fea98312270213e3_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
Target
45e52aeb38c2b1f1fea98312270213e3_JaffaCakes118
Score: 10/10
-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
Image File Execution Options Injection (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
Image File Execution Options Injection (1)