General
-
Target
7493e2838513309a374ea5b6722c18a0_JaffaCakes118
-
Size
10KB
-
Sample
240726-smb9hsvhmm
-
MD5
7493e2838513309a374ea5b6722c18a0
-
SHA1
023c990c303326f909feda4b1c8163c336787422
-
SHA256
6d68320440b2fb222518cfa195a157e727bde8bea47efe108bc56497aa784230
-
SHA512
5e4cb39a79cf4745b508d8970a6de6c37aa5de76d0253113ed90bb0d882e540e400c2151fb89793e492d7c6686191ea057960d7f5efb0ba0d7ca5f50ddea9218
-
SSDEEP
192:MIysA/4ZJeVDHVtNT9t4QBMptivwB12MaQchfKy99EZTHZ:MIysAwZ83NxtbBM3R1XiUZ9
Behavioral task
behavioral1
Sample
7493e2838513309a374ea5b6722c18a0_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
7493e2838513309a374ea5b6722c18a0_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
7493e2838513309a374ea5b6722c18a0_JaffaCakes118
Score
8/10
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-