Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
752d15fcc7cc25121914cdeab45f9dc6_JaffaCakes118
-
Size
340KB
-
Sample
240726-ww94pawcmn
-
MD5
752d15fcc7cc25121914cdeab45f9dc6
-
SHA1
9146289552df5886f831edca03ff2e871f8b5925
-
SHA256
4cd888d3122c48bd43daf5bbbd8c30e072446d8ca90247d248c77fce5dbb8c59
-
SHA512
903d1ef8b3211b91f466d1814a83f74133ad18390453f7c8e95633dbe7ec1293341c81d118087ccfe3cdec60ea900748d4f7ec41d929ac2d3b209e1603d5bcc5
-
SSDEEP
6144:6qcOWaUEX3PtWF8ftYOiS7AcMgyDl2mS0KGwy82AFKxpme2w9mydPdm9PcBPpU:6zaUatWo2OKgywmE8ayweFBGgpU
Malware Config
Targets
-
-
Target
752d15fcc7cc25121914cdeab45f9dc6_JaffaCakes118
-
Size
340KB
-
MD5
752d15fcc7cc25121914cdeab45f9dc6
-
SHA1
9146289552df5886f831edca03ff2e871f8b5925
-
SHA256
4cd888d3122c48bd43daf5bbbd8c30e072446d8ca90247d248c77fce5dbb8c59
-
SHA512
903d1ef8b3211b91f466d1814a83f74133ad18390453f7c8e95633dbe7ec1293341c81d118087ccfe3cdec60ea900748d4f7ec41d929ac2d3b209e1603d5bcc5
-
SSDEEP
6144:6qcOWaUEX3PtWF8ftYOiS7AcMgyDl2mS0KGwy82AFKxpme2w9mydPdm9PcBPpU:6zaUatWo2OKgywmE8ayweFBGgpU
Score8/10-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Disables taskbar notifications via registry modification
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1Privilege Escalation
Boot or Logon Autostart Execution
2Active Setup
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1