General

  • Target

    66de8e793c5b12fc59e2433a800350bf_JaffaCakes118

  • Size

    33KB

  • Sample

    240723-klc6esxgmq

  • MD5

    66de8e793c5b12fc59e2433a800350bf

  • SHA1

    7b22fca3d9b793ec6b41847a252d0af779d0970d

  • SHA256

    56fc71f92fd431be7506a8c2d5aeef7bad9ddc70471cfb1f68c3fcc4c4f90e0a

  • SHA512

    f068e58ab7d081e82bd5fa7cffe6eb67cab2ab9fbf5f117322b9c6e846b2175439b008871946159b7b0d34fe3776983a265e71b5423034104c3da8db1d7be5b7

  • SSDEEP

    768:cyTq5KLMqsOj6LGkD19/wwlP8/DXfvbOUDp8leGs3nStS0v:zScMeWLGkD19/wwqrX97GO2t

Score
10/10

Targets

    • Target

      66de8e793c5b12fc59e2433a800350bf_JaffaCakes118

    • Modifies WinLogon for persistence

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    • Loads dropped DLL

    • Drops file in System32 directory
