General

  • Target

    59b19d37b4201fc4c4245d8ec866a9b6_JaffaCakes118

  • Size

    52KB

  • Sample

    240719-akyevswhnf

  • MD5

    59b19d37b4201fc4c4245d8ec866a9b6

  • SHA1

    22752525c20e5f9553fe7122e19d19ee3551112f

  • SHA256

    87fb7c536c2c3f76504ea223f5f3115655f72b7323836d680f6d76cf054243aa

  • SHA512

    a4597ac2e9fe11d777d261399c8a8955f5ae727d72ce1f6ec0312d8e66e8fe0acd59e798f2a40ae642c19a64707867e909ae49e9aa640f1fc289de21a4505f0a

  • SSDEEP

    768:nfEinyzqFK63Ik18xubThTQ1xTxFls+j:nry2ceDSldv3

Targets

    • Target

      59b19d37b4201fc4c4245d8ec866a9b6_JaffaCakes118

    • Size

      52KB

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
