Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
652b5270526defb12f4a53b15fbf44a9_JaffaCakes118
-
Size
200KB
-
Sample
240722-24dy4stcpe
-
MD5
652b5270526defb12f4a53b15fbf44a9
-
SHA1
2b63588cc29c6572ffc98d327c4011e84784ff49
-
SHA256
4b12203e032bb8484ca2a8c750e03c3b521faf764ed007f60b585460c3ff7454
-
SHA512
7050d000d621ffcd0ecdecbb13fb60075384db6152d53e222241098c934d53302b91b1099ea1462cc347a532f69fb6c20c6cb75f22e9c92a44688d207afe8651
-
SSDEEP
3072:sqhMPsRu0hG2thtCwefLmXA2Q8y4Oyu0ZhuW+jyjXZ0nSV:sqhMPsRu014XmXAWy4OyvuWtV
Malware Config
Targets
-
-
Target
652b5270526defb12f4a53b15fbf44a9_JaffaCakes118
-
Size
200KB
-
MD5
652b5270526defb12f4a53b15fbf44a9
-
SHA1
2b63588cc29c6572ffc98d327c4011e84784ff49
-
SHA256
4b12203e032bb8484ca2a8c750e03c3b521faf764ed007f60b585460c3ff7454
-
SHA512
7050d000d621ffcd0ecdecbb13fb60075384db6152d53e222241098c934d53302b91b1099ea1462cc347a532f69fb6c20c6cb75f22e9c92a44688d207afe8651
-
SSDEEP
3072:sqhMPsRu0hG2thtCwefLmXA2Q8y4Oyu0ZhuW+jyjXZ0nSV:sqhMPsRu014XmXAWy4OyvuWtV
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1Defense Evasion
Hide Artifacts
2Hidden Files and Directories
2Modify Registry
4