Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    733741d586bd47f091bac0682534bd6c_JaffaCakes118

  • Size

    26KB

  • Sample

    240726-jxye3azale

  • MD5

    733741d586bd47f091bac0682534bd6c

  • SHA1

    bdba82d02840654ad230cc3646ea9309d6b9f6d2

  • SHA256

    0fbc1f00d10dbb305d5bf05826b580b9575ba4e001dd749bfdbb2f7db4fd701c

  • SHA512

    c27925808bb84ea42889774654c479c7629ec10ee1ae4f75fa20fd38b10b3b22d0b31942c1daea756dc5cdcddcb07da94248f13d5e3a28159652548cf2eeebf2

  • SSDEEP

    384:4nTow/H30QvvdeATfsX0hkPypugWgyE3AQ46OGLUOJ6IpoAVAcMoYz+iAXHUt:4nTl0QN3jsj6DAQm4vXWAVQtz+iAc

Malware Config

Targets

    • Target

      733741d586bd47f091bac0682534bd6c_JaffaCakes118

    • Size

      26KB

    • MD5

      733741d586bd47f091bac0682534bd6c

    • SHA1

      bdba82d02840654ad230cc3646ea9309d6b9f6d2

    • SHA256

      0fbc1f00d10dbb305d5bf05826b580b9575ba4e001dd749bfdbb2f7db4fd701c

    • SHA512

      c27925808bb84ea42889774654c479c7629ec10ee1ae4f75fa20fd38b10b3b22d0b31942c1daea756dc5cdcddcb07da94248f13d5e3a28159652548cf2eeebf2

    • SSDEEP

      384:4nTow/H30QvvdeATfsX0hkPypugWgyE3AQ46OGLUOJ6IpoAVAcMoYz+iAXHUt:4nTl0QN3jsj6DAQm4vXWAVQtz+iAc

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

MITRE ATT&CK Enterprise v15

Tasks