Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
4797668cd0a042063e3d2f34aaf3333c_JaffaCakes118
-
Size
145KB
-
Sample
240715-bkbfrstekc
-
MD5
4797668cd0a042063e3d2f34aaf3333c
-
SHA1
fdf90f965acbee58ee8e31fa62ddb657cfc12eb0
-
SHA256
3a81661b4f7e5d2e44847a52b46b49fb92fa2e12a4e3ab63df4b248966397567
-
SHA512
1deb315b1bed701b191a0454d44fde877b1712215864c2274c0df29f6ed6c5e91f59a563fe7864252d5f201ea27ba6532b2b217a117a36a211261321fb241f4c
-
SSDEEP
3072:3R1+aJe1mgawzxsBub861jIHxowR1sxn8xfyRGF27T+Ihi0Mbk6/pb8DEc3OjQD8:3RUTV5ny1sl44FMbkm5c3rZFPM0pjmbp
Malware Config
Targets
-
-
Target
4797668cd0a042063e3d2f34aaf3333c_JaffaCakes118
-
Size
145KB
-
MD5
4797668cd0a042063e3d2f34aaf3333c
-
SHA1
fdf90f965acbee58ee8e31fa62ddb657cfc12eb0
-
SHA256
3a81661b4f7e5d2e44847a52b46b49fb92fa2e12a4e3ab63df4b248966397567
-
SHA512
1deb315b1bed701b191a0454d44fde877b1712215864c2274c0df29f6ed6c5e91f59a563fe7864252d5f201ea27ba6532b2b217a117a36a211261321fb241f4c
-
SSDEEP
3072:3R1+aJe1mgawzxsBub861jIHxowR1sxn8xfyRGF27T+Ihi0Mbk6/pb8DEc3OjQD8:3RUTV5ny1sl44FMbkm5c3rZFPM0pjmbp
Score8/10-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1AppInit DLLs
1