Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

5b0ea51e95...18.exe

windows7-x64

8

5b0ea51e95...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5b0ea51e95974f2df1524a19d798c422_JaffaCakes118

  • Size

    172KB

  • Sample

    240719-jq3q7szeml

  • MD5

    5b0ea51e95974f2df1524a19d798c422

  • SHA1

    21e2ffb6e2d230736847548795cbc7fb6e59c136

  • SHA256

    7c1c73ab42696e39505979ff9238b35a3c4bd60dda2576ba8770cd7a297c37d7

  • SHA512

    bf02f4e9b3e4a65dd3f3272168ab88b7ab894a5ecbe72c92f68362953c40f7fb3c116fbd59c41095602ff796084cf0ab313e8a7eb855ee54410ec3e11cb38da0

  • SSDEEP

    3072:H2YOj+Rd/HB7oV7HV3ffDoStyMhV5HRHULEZ3+1/9qOFzk:hOj+rWJffMWhV5HRHUgItFz

Score
8/10
evasionexecutionpersistenceprivilege_escalation

Malware Config

Targets

    • Target

      5b0ea51e95974f2df1524a19d798c422_JaffaCakes118

    • Size

      172KB

    • MD5

      5b0ea51e95974f2df1524a19d798c422

    • SHA1

      21e2ffb6e2d230736847548795cbc7fb6e59c136

    • SHA256

      7c1c73ab42696e39505979ff9238b35a3c4bd60dda2576ba8770cd7a297c37d7

    • SHA512

      bf02f4e9b3e4a65dd3f3272168ab88b7ab894a5ecbe72c92f68362953c40f7fb3c116fbd59c41095602ff796084cf0ab313e8a7eb855ee54410ec3e11cb38da0

    • SSDEEP

      3072:H2YOj+Rd/HB7oV7HV3ffDoStyMhV5HRHULEZ3+1/9qOFzk:hOj+rWJffMWhV5HRHUgItFz

    Score
    8/10
    evasionexecutionpersistenceprivilege_escalation

    • Creates new service(s)

      persistenceexecution

    • Drops file in Drivers directory

    • Modifies Windows Firewall

      evasion

    • Server Software Component: Terminal Services DLL

      persistence

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks