General

  • Target

    75ac95c69ee5b6cd50e2c4903a068f26_JaffaCakes118

  • Size

    476KB

  • Sample

    240726-zm9y4stfnl

  • MD5

    75ac95c69ee5b6cd50e2c4903a068f26

  • SHA1

    aa80a94ed17869dfe2ec18ee18ef6051f7836805

  • SHA256

    4e4bc1e6626ef7099dee44942e4350e3b1d327689fbbfe708705950a8be62d96

  • SHA512

    b9c30aa22cebfc5a832803db26f42c0607be94afb57d38ad3fcf3c39a2df636f78c93bade1ebf49ca49a0bafc2823f713d729629703683d6ad551f1ef2d721d4

  • SSDEEP

    12288:xFY/nud2glrDhcLrfJ/p/To0vp84nCrMlUDcoSmkq/u:Q/8l/OHJh/UuxCrMDoSmkA

Targets

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Drops file in System32 directory
