General

  • Target

    5f056f48ca9b50651322ff17315c040e_JaffaCakes118

  • Size

    2.0MB

  • Sample

    240720-e3egxszdke

  • MD5

    5f056f48ca9b50651322ff17315c040e

  • SHA1

    e2ccf9462bfc07b5eccca7d6049b404597b81f85

  • SHA256

    0e98e5e8ef686ef99418de0a20434533142a641b0d61bc0c9c06b2d71f292154

  • SHA512

    a3528e8b25a71776421c1381b60b8b55a6c5df9fab8d54709af49fe615eb7665c1ab20228f82d006ad14433cc30bbf57fa1071d5d11401a1f93608072dff52ac

  • SSDEEP

    384:LPyZNjtU2mVsAxbDa7noKV/3t0iRgjbqzOeUvLqvQv2RMVztWL:TyZ7iWk6dgbKOeUG4v2RsQL

Targets

    • Target

      5f056f48ca9b50651322ff17315c040e_JaffaCakes118

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory
