General

  • Target

    61e8754e226176a4311b3bda2f7f5a4a_JaffaCakes118

  • Size

    10.8MB

  • Sample

    240721-3qkp6staqn

  • MD5

    61e8754e226176a4311b3bda2f7f5a4a

  • SHA1

    ab7b9cc772640ae291f1e5310ed7e2424d499c84

  • SHA256

    400eea86fdf5670b9ac9b96606483fda8f33ba2863b37b506ed6ab1bf882c93b

  • SHA512

    093ab429daf7f07040b6c6facea781cac0852f1ac5a39d935c1483859f880cfbef5b70e75dc977ffc22de921b0f76559b3b7dfa21fe29c967ddc98a450c8ddcf

  • SSDEEP

    196608:N8eM+zrUH3Z6+NWfpayWpHBFlnY+6NBg3fJzYcLlgFItURZWRLuGGHpMbdDUOzNt:NlM+zrUH3kWWRCFQBsh82lgqW8SZMbdf

Malware Config

Targets

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Executes dropped EXE

    • Loads dropped DLL

    • Blocklisted process makes network request

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v15

Tasks