Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
4931bfa03b011b1d5b0b0f8dfd4a8116_JaffaCakes118
-
Size
4.3MB
-
Sample
240715-ld3xjszall
-
MD5
4931bfa03b011b1d5b0b0f8dfd4a8116
-
SHA1
ec6c20b828d0517db89f03c3335bbc839b58ef0e
-
SHA256
ca9a3481656a749870c13d58d50a90d3e91dfb5f0324253261e699a76fd82697
-
SHA512
8ad31f059e16e33cbf82182193130bdea9f65ed775c57462242f1ce39afa74e48d3f4a63a2050f88f161d8ef43cca63a020e0f40577046aced5d2912a10654d7
-
SSDEEP
98304:WvoweBT2dUM9dIeLEyZllU4IZCVmnQocVUf82Vxuut+fmV0RgL/UG8SAOmf:WgfBx2GeQiO4IZC/9VUrzzt+fmaSMVS2
Malware Config
Targets
-
-
Target
4931bfa03b011b1d5b0b0f8dfd4a8116_JaffaCakes118
-
Size
4.3MB
-
MD5
4931bfa03b011b1d5b0b0f8dfd4a8116
-
SHA1
ec6c20b828d0517db89f03c3335bbc839b58ef0e
-
SHA256
ca9a3481656a749870c13d58d50a90d3e91dfb5f0324253261e699a76fd82697
-
SHA512
8ad31f059e16e33cbf82182193130bdea9f65ed775c57462242f1ce39afa74e48d3f4a63a2050f88f161d8ef43cca63a020e0f40577046aced5d2912a10654d7
-
SSDEEP
98304:WvoweBT2dUM9dIeLEyZllU4IZCVmnQocVUf82Vxuut+fmV0RgL/UG8SAOmf:WgfBx2GeQiO4IZC/9VUrzzt+fmaSMVS2
Score8/10-
Stops running service(s)
-
Uses Session Manager for persistence
Creates Session Manager registry key to run executable early in system boot.
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Execution
Scheduled Task/Job
1Scheduled Task
1System Services
1Service Execution
1Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Create or Modify System Process
1Windows Service
1Scheduled Task/Job
1Scheduled Task
1