Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
707892e01ab7c607921d0814ead6d09d_JaffaCakes118
-
Size
1.0MB
-
Sample
240725-vkz9nssgpm
-
MD5
707892e01ab7c607921d0814ead6d09d
-
SHA1
6c7a8c0f6b51f72a3c42853a7a03eff0468dd20f
-
SHA256
5f63649a2be2ede8d11a5307c1f9dfe2e231103a7fc69f148b53cecce3c3c013
-
SHA512
c1a692859a2746ce554c10edd949e933c66099ae9d776174a1a88ce497434a6b4583ba5d447a22a2cf592015fac82a9a14871e03ca45e86c557890ff35c3e6f9
-
SSDEEP
24576:3uha/eZJ8NI80erQZb+md4wmieZJ8NI8NeZJ8NI8r:Yl80erQZbd2f8a8r
Behavioral task
behavioral1
Sample
707892e01ab7c607921d0814ead6d09d_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
707892e01ab7c607921d0814ead6d09d_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
707892e01ab7c607921d0814ead6d09d_JaffaCakes118
-
Size
1.0MB
-
MD5
707892e01ab7c607921d0814ead6d09d
-
SHA1
6c7a8c0f6b51f72a3c42853a7a03eff0468dd20f
-
SHA256
5f63649a2be2ede8d11a5307c1f9dfe2e231103a7fc69f148b53cecce3c3c013
-
SHA512
c1a692859a2746ce554c10edd949e933c66099ae9d776174a1a88ce497434a6b4583ba5d447a22a2cf592015fac82a9a14871e03ca45e86c557890ff35c3e6f9
-
SSDEEP
24576:3uha/eZJ8NI80erQZb+md4wmieZJ8NI8NeZJ8NI8r:Yl80erQZbd2f8a8r
-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Image File Execution Options Injection
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Image File Execution Options Injection
1Defense Evasion
Hide Artifacts
2Hidden Files and Directories
2Indicator Removal
1File Deletion
1Modify Registry
1