General

  • Target

    8548dd17f0f665cc94431d513dbbf7f8_JaffaCakes118

  • Size

    204KB

  • Sample

    240810-jeev1a1bqp

  • MD5

    8548dd17f0f665cc94431d513dbbf7f8

  • SHA1

    4a87a8906e025657f46b6bc9ab7ed22757bd9621

  • SHA256

    e3bc4dd01df081b5ff59f5b0f2af56e84067c49c53efbe8b7bc757defac8879f

  • SHA512

    cd72bbc4aadc042ba85d8870756d5f7a2c167414bcc3aab89f94eb0fc56ab1942f81e419af742aac9a83a97a232c675e068d1ed4b0325eef191acc4037d377b1

  • SSDEEP

    6144:tEvjSkZ5AqUTyKkp09suOkTiyzQUvOQ7bXQb1CoS:ISkjd7KxXFhUUvOOjoS

Malware Config

Targets

    • Target

      8548dd17f0f665cc94431d513dbbf7f8_JaffaCakes118

    • Modifies firewall policy service

    • Adds policy Run key to start application

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
