General
Target: 768f867471ca6a6e234b182175edc733_JaffaCakes118
Size: 140KB
Sample: 240727-bxmpka1drd
MD5: 768f867471ca6a6e234b182175edc733
SHA1: 07c5b7ef3e1606d15115890b5d07803f5d81e11b
SHA256: f3dbc037a91be139f33f7cd49d37e546cb58b7debf315fd3dee431b42daf73b4
SHA512: 9f00fdc7d8a93e496c05a462fd241ebbabfb46d737bd188b2ce4eafb1009c20f02a4a256f9d32e54793e4c7d95d836ead5d23afecbf42d9aa13f38f0320ae6a6
SSDEEP: 1536:O/+1z/tt6HurQ1I8Nzuek6IrqbOHQ9ocjjjb64Sh0NlL6C753u4vj7cmaMQyHXTN:OG1OHutQu0P6c7L75+4vXaM98qKnIfq
Static task: static1
Behavioral task: behavioral1
  Sample: 768f867471ca6a6e234b182175edc733_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 768f867471ca6a6e234b182175edc733_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
Malware Config
Targets
Modifies firewall policy service
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Suspicious use of SetThreadContext
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (3)
    Windows Service (3)
  Event Triggered Execution (1)
    Netsh Helper DLL (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (3)
    Windows Service (3)
  Event Triggered Execution (1)
    Netsh Helper DLL (1)
Defense Evasion
  Impair Defenses (2)
    Disable or Modify System Firewall (2)
  Modify Registry (3)