Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
5f056f48ca9b50651322ff17315c040e_JaffaCakes118
-
Size
2.0MB
-
Sample
240720-e3egxszdke
-
MD5
5f056f48ca9b50651322ff17315c040e
-
SHA1
e2ccf9462bfc07b5eccca7d6049b404597b81f85
-
SHA256
0e98e5e8ef686ef99418de0a20434533142a641b0d61bc0c9c06b2d71f292154
-
SHA512
a3528e8b25a71776421c1381b60b8b55a6c5df9fab8d54709af49fe615eb7665c1ab20228f82d006ad14433cc30bbf57fa1071d5d11401a1f93608072dff52ac
-
SSDEEP
384:LPyZNjtU2mVsAxbDa7noKV/3t0iRgjbqzOeUvLqvQv2RMVztWL:TyZ7iWk6dgbKOeUG4v2RsQL
Static task
static1
Behavioral task
behavioral1
Sample
5f056f48ca9b50651322ff17315c040e_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
5f056f48ca9b50651322ff17315c040e_JaffaCakes118.dll
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
5f056f48ca9b50651322ff17315c040e_JaffaCakes118
-
Size
2.0MB
-
MD5
5f056f48ca9b50651322ff17315c040e
-
SHA1
e2ccf9462bfc07b5eccca7d6049b404597b81f85
-
SHA256
0e98e5e8ef686ef99418de0a20434533142a641b0d61bc0c9c06b2d71f292154
-
SHA512
a3528e8b25a71776421c1381b60b8b55a6c5df9fab8d54709af49fe615eb7665c1ab20228f82d006ad14433cc30bbf57fa1071d5d11401a1f93608072dff52ac
-
SSDEEP
384:LPyZNjtU2mVsAxbDa7noKV/3t0iRgjbqzOeUvLqvQv2RMVztWL:TyZ7iWk6dgbKOeUG4v2RsQL
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1