General
Target: 6725c4ae37bae58529e1c3341e0527f7_JaffaCakes118
Size: 244KB
Sample: 240723-l626qazgpa
MD5: 6725c4ae37bae58529e1c3341e0527f7
SHA1: a26b6cd757679cc779c5dfb6c164824e73c2010a
SHA256: b66aba41cf76d12a6b97b0b12eff30effe4d0099bbbdefa977a3342490e9e34d
SHA512: f4474bc3f6ce0fd3fa069d552addf030b0f453d35041ce6b3997b5aa3b6bd14c6a4396aa5080b758b00a0bf04271c6df3fccec72713ff6c500ef4e6fea36c7c3
SSDEEP: 6144:NtKe6YiDdv3m3mgKHIl7bNIFlJRUI8SgRKgimM:NtKe6Zv23Yd1mIkYgil
Static task: static1
Behavioral task: behavioral1
  Sample: 6725c4ae37bae58529e1c3341e0527f7_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 6725c4ae37bae58529e1c3341e0527f7_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
Malware Config
Targets
Target: 6725c4ae37bae58529e1c3341e0527f7_JaffaCakes118
Score: 8/10
Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
Executes dropped EXE
Modifies system executable filetype association
Adds Run key to start application
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (2)
    Active Setup (1)
    Registry Run Keys / Startup Folder (1)
  Event Triggered Execution (1)
    Change Default File Association (1)