Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
460bd9a2df6429fcc2fac0546ac3d0d5_JaffaCakes118
-
Size
333KB
-
Sample
240714-qwqr6avdnd
-
MD5
460bd9a2df6429fcc2fac0546ac3d0d5
-
SHA1
e99f6b2e38e51b79d7273806b85d3c512672dd92
-
SHA256
a8f5d5105e68655b4eda2dbc2302bf09991121a3776c3967d6cb1ea939d817f8
-
SHA512
5747aef7d0b7eb64ab37e1f7f50425bc6d9fcb1e54ce7d1105860f39128391b99e18afacb83d838ea77183ee76fba3a299c925724e7f6cf6680f458df0b24a98
-
SSDEEP
6144:MRAhhJxX7bNIKTQ/ary6Gpdp+8dbYCWATtANNkd0gcLdk2snWC8k:UsAL/WByCJoMz4Wxk
Static task
static1
Behavioral task
behavioral1
Sample
460bd9a2df6429fcc2fac0546ac3d0d5_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
460bd9a2df6429fcc2fac0546ac3d0d5_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
460bd9a2df6429fcc2fac0546ac3d0d5_JaffaCakes118
-
Size
333KB
-
MD5
460bd9a2df6429fcc2fac0546ac3d0d5
-
SHA1
e99f6b2e38e51b79d7273806b85d3c512672dd92
-
SHA256
a8f5d5105e68655b4eda2dbc2302bf09991121a3776c3967d6cb1ea939d817f8
-
SHA512
5747aef7d0b7eb64ab37e1f7f50425bc6d9fcb1e54ce7d1105860f39128391b99e18afacb83d838ea77183ee76fba3a299c925724e7f6cf6680f458df0b24a98
-
SSDEEP
6144:MRAhhJxX7bNIKTQ/ary6Gpdp+8dbYCWATtANNkd0gcLdk2snWC8k:UsAL/WByCJoMz4Wxk
Score8/10-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Executes dropped EXE
-
Modifies system executable filetype association
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1