General
Target: 66b9ae16c073bbb3ab2389e72318cf1b_JaffaCakes118
Size: 68KB
Sample: 240723-jplraswcnm
MD5: 66b9ae16c073bbb3ab2389e72318cf1b
SHA1: e50ceab851ed8a4a4bcaaa0f3a53cedcd8bc8485
SHA256: b092c0173e46fe385eb002a0faf1bfb6432194ded5de8d3ca99ff9ec19fbca8a
SHA512: cb9344e01e782000314689dbcee5dbd55da0ee70e274590831101f4ce4a7498f36d23dfe4be0b50eb7f09d64e9d7a3aba3c105596830dda917c82cf1938431af
SSDEEP: 768:PTxrUL23qmT5o7B51+6TS+MoRoOUf5cx8zf6t/5HNk3AEoOvx1Q3i5nR09QzTGfc:15oln+NoRoOUfGft/fAAEoObwQ0g
Behavioral task: behavioral1
Sample: 66b9ae16c073bbb3ab2389e72318cf1b_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 66b9ae16c073bbb3ab2389e72318cf1b_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: 66b9ae16c073bbb3ab2389e72318cf1b_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Event Triggered Execution: Image File Execution Options Injection
Drops startup file
Executes dropped EXE
Loads dropped DLL
Modifies system executable filetype association
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Enterprise v15
Persistence
  Event Triggered Execution (2)
    Change Default File Association (1)
    Image File Execution Options Injection (1)
Privilege Escalation
  Event Triggered Execution (2)
    Change Default File Association (1)
    Image File Execution Options Injection (1)
Defense Evasion
  Hide Artifacts (1)
    Hidden Files and Directories (1)
  Modify Registry (2)