Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
67ab40eb2896d53b5943681eefdad4da_JaffaCakes118
-
Size
712KB
-
Sample
240723-p37htatdlg
-
MD5
67ab40eb2896d53b5943681eefdad4da
-
SHA1
9dd54598c3b7b5d13f27bb3ba72e963e99c66694
-
SHA256
5eed8c6cf7cb3b051cfeb36e2bf6a0448eebb2a7f0576ffe435dd66c09d42289
-
SHA512
8c41f09b15eb763f4ea52cfe2228c08591533ccac9522078e07460de89a84e6abef48c7bd54f7927637fc601a95851ba97e18666dede20b998dfdbe06f5c508a
-
SSDEEP
12288:NtKe6Zv23YdqMGHGSX1388BxGVI43GVpinJMcODu5bsIJojfx1oOkozvUJ+yJu82:d6Zv2jbW1SaRhaLXoOkk6+yJN5huC8c4
Malware Config
Targets
-
-
Target
67ab40eb2896d53b5943681eefdad4da_JaffaCakes118
-
Size
712KB
-
MD5
67ab40eb2896d53b5943681eefdad4da
-
SHA1
9dd54598c3b7b5d13f27bb3ba72e963e99c66694
-
SHA256
5eed8c6cf7cb3b051cfeb36e2bf6a0448eebb2a7f0576ffe435dd66c09d42289
-
SHA512
8c41f09b15eb763f4ea52cfe2228c08591533ccac9522078e07460de89a84e6abef48c7bd54f7927637fc601a95851ba97e18666dede20b998dfdbe06f5c508a
-
SSDEEP
12288:NtKe6Zv23YdqMGHGSX1388BxGVI43GVpinJMcODu5bsIJojfx1oOkozvUJ+yJu82:d6Zv2jbW1SaRhaLXoOkk6+yJN5huC8c4
Score8/10-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Executes dropped EXE
-
Modifies system executable filetype association
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1