General

  • Target

    8830eb762406fdd5d5bc0b4efb239172_JaffaCakes118

  • Size

    29KB

  • Sample

    240810-31jwmavdkr

  • MD5

    8830eb762406fdd5d5bc0b4efb239172

  • SHA1

    a5f107d658163e61e6a108fd9aa31f7cccf85f35

  • SHA256

    ef573e1ff26451c596a0daee8049207c2bbee259e9ed08fa03435a8f7a80b6e1

  • SHA512

    11e02083e2917d742b8d04b000bdfa42aab9925c825785e285738a72e63c21783a08beb9788d52c55578980f39eecb05d60d7caf5811562ea965598cce1ddb0d

  • SSDEEP

    768:31O3gD6t2kBCtN41kKa+z/MsAA+my/db:F8ZTGskKF/Pyp

Targets

    • Boot or Logon Autostart Execution: Print Processors

      Adversaries may abuse print processors to run malicious DLLs during system boot for persistence and/or privilege escalation.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
