General

  • Target

    829fbcbc87a941de385a0d4a0e919a63_JaffaCakes118

  • Size

    277KB

  • Sample

    240802-cg3lhsyhql

  • MD5

    829fbcbc87a941de385a0d4a0e919a63

  • SHA1

    6cf1ec433887a9a611f2ab49b80ea0e05286cb7d

  • SHA256

    264322e427bd916c14e976961c0f17db4f678b7c098687bbd49d488b2686585d

  • SHA512

    c5721ad627c979dbdc2f9062ac4e8645f5857e3d1b410b4bb97382d7bc95b517a7cdacf77b5c84c2d7b803323bcfc83934d37cba109bcfa7ceadd55d132888cb

  • SSDEEP

    6144:nfEmj4ZvkItSgS4SD8YgoIq4f14QJ1f2xiMY5xKKSsm8UvS0e1:nfJbIVS65/eQJp2cMwxRwre1

Score
10/10

Targets

    • Target

      829fbcbc87a941de385a0d4a0e919a63_JaffaCakes118

    Score
    10/10
    • Modifies WinLogon for persistence

    • Adds Run key to start application

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies WinLogon
