Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

5f056f48ca...18.dll

windows7-x64

10

5f056f48ca...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5f056f48ca9b50651322ff17315c040e_JaffaCakes118

  • Size

    2.0MB

  • Sample

    240720-e3egxszdke

  • MD5

    5f056f48ca9b50651322ff17315c040e

  • SHA1

    e2ccf9462bfc07b5eccca7d6049b404597b81f85

  • SHA256

    0e98e5e8ef686ef99418de0a20434533142a641b0d61bc0c9c06b2d71f292154

  • SHA512

    a3528e8b25a71776421c1381b60b8b55a6c5df9fab8d54709af49fe615eb7665c1ab20228f82d006ad14433cc30bbf57fa1071d5d11401a1f93608072dff52ac

  • SSDEEP

    384:LPyZNjtU2mVsAxbDa7noKV/3t0iRgjbqzOeUvLqvQv2RMVztWL:TyZ7iWk6dgbKOeUG4v2RsQL

Score
10/10
evasionpersistenceprivilege_escalation

Malware Config

Targets

    • Target

      5f056f48ca9b50651322ff17315c040e_JaffaCakes118

    • Size

      2.0MB

    • MD5

      5f056f48ca9b50651322ff17315c040e

    • SHA1

      e2ccf9462bfc07b5eccca7d6049b404597b81f85

    • SHA256

      0e98e5e8ef686ef99418de0a20434533142a641b0d61bc0c9c06b2d71f292154

    • SHA512

      a3528e8b25a71776421c1381b60b8b55a6c5df9fab8d54709af49fe615eb7665c1ab20228f82d006ad14433cc30bbf57fa1071d5d11401a1f93608072dff52ac

    • SSDEEP

      384:LPyZNjtU2mVsAxbDa7noKV/3t0iRgjbqzOeUvLqvQv2RMVztWL:TyZ7iWk6dgbKOeUG4v2RsQL

    Score
    10/10
    evasionpersistenceprivilege_escalation

    • Modifies firewall policy service

      evasion

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks