General
Target: 85f31d0b15908f37ff961ec63fd11eb7_JaffaCakes118
Size: 1.6MB
Sample: 240810-n12zwascqg
MD5: 85f31d0b15908f37ff961ec63fd11eb7
SHA1: 3d9c7ca99df681db028cd416ca3d91904eefda63
SHA256: 7ec1061be009ff1c23b14685419baadebccd814b9634fbd93de8736746caa8be
SHA512: b74239ffebf00a9f4b1484168e5d778c293b3e0b8dfc177f7e122c896b90239f2bf906d0d6b08bab84e6ca64f930f0f86c10b9d17ae76bb1d2265af738ba265b
SSDEEP: 24576:3uhaterQZb+md4wmieZJ8NI8OerQZb+md4wmieZJ8NI818:Y4erQZbd2f8OerQZbd2f818
Behavioral tasks
behavioral1: 85f31d0b15908f37ff961ec63fd11eb7_JaffaCakes118.exe on resource win7-20240708-en
behavioral2: 85f31d0b15908f37ff961ec63fd11eb7_JaffaCakes118.exe on resource win10v2004-20240802-en
Malware Config
Targets
Target: 85f31d0b15908f37ff961ec63fd11eb7_JaffaCakes118 (1.6MB; hashes as listed under General above)
- Modifies visibility of file extensions in Explorer (Hide Artifacts: Hidden Files and Directories, T1564.001). Windows stores this setting as the HideFileExt value under HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced; with extensions hidden, a dropped "invoice.pdf.exe" is displayed as "invoice.pdf".
- Blocks application from running via registry modification (Modify Registry, T1112). Adds application to the list of disallowed applications: Windows implements this as the DisallowRun policy under HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, whose DisallowRun subkey enumerates the blocked executable names. Malware uses it to stop security and administration tools from launching.
- Event Triggered Execution: Image File Execution Options Injection (T1546.012). A Debugger value under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\<program>.exe makes Windows start the named "debugger" whenever <program>.exe is launched, which gives both persistence and a way to hijack or neutralise chosen programs.
- Executes dropped EXE
- Loads dropped DLL
- Indicator Removal: File Deletion (T1070.004). Adversaries may delete files left behind by the actions of their intrusion activity.
- Drops autorun.inf file (Replication Through Removable Media, T1091). Malware can abuse Windows AutoRun to spread further via attached volumes. Current Windows versions do not honour autorun.inf on removable (non-optical) drives by default, so on a patched host the file is mainly a propagation indicator rather than a reliable infection vector.
- Drops file in System32 directory. Writing to %SystemRoot%\System32 requires administrative rights, so the sample was running elevated when it did this.
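The three registry signatures above (IFEO Debugger, Explorer hiding, DisallowRun) and the autorun.inf launch entries can all be checked offline from a .reg export and the autorun.inf itself. The Python below is an added example, not part of the Triage report or of the sample's own code: the .reg export and autorun.inf it parses are constructed here, and the file names in them (taskmgr.exe, dropped.exe, regedit.exe, msconfig.exe) are placeholders, not values observed for this sample. It goes slightly beyond the report by also flagging the Explorer "Hidden" value, which hides files with the hidden attribute.

```python
# Offline audit of the registry/autorun indicators listed in a Triage report.
# Added example: the .reg export and autorun.inf below are constructed placeholders.

# Key fragments (lower-cased) behind the signatures in the report.
IFEO_KEY = "\\microsoft\\windows nt\\currentversion\\image file execution options\\"
ADVANCED_KEY = "\\microsoft\\windows\\currentversion\\explorer\\advanced"
POLICY_KEY = "\\microsoft\\windows\\currentversion\\policies\\explorer"


def parse_reg_export(text):
    """Parse a minimal subset of the regedit 5.00 export format into
    {key_path: {value_name: value}}; handles "string" and dword: values,
    other value types are kept as raw text."""
    keys = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";") or line.startswith("Windows Registry Editor"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            keys.setdefault(current, {})
            continue
        if current is None or "=" not in line:
            continue
        name, _, val = line.partition("=")
        name = "(Default)" if name == "@" else name.strip('"')
        if val.startswith("dword:"):
            keys[current][name] = int(val[len("dword:"):], 16)
        elif len(val) >= 2 and val[0] == '"' and val[-1] == '"':
            # .reg files escape backslashes and quotes inside string values
            keys[current][name] = val[1:-1].replace("\\\\", "\\").replace('\\"', '"')
        else:
            keys[current][name] = val
    return keys


def audit_registry(keys):
    """Return (technique_id, description) findings for the registry
    behaviours the report flags: IFEO Debugger, Explorer hiding, DisallowRun."""
    findings = []
    for path, values in keys.items():
        low = path.lower()
        # T1546.012: Debugger under IFEO\<exe> runs that program whenever <exe> starts
        if IFEO_KEY in low and "Debugger" in values:
            target = path.rsplit("\\", 1)[-1]
            findings.append(("T1546.012", f"IFEO Debugger for {target} -> {values['Debugger']}"))
        # T1564.001: Explorer\Advanced controls whether extensions / hidden files are shown
        if low.endswith(ADVANCED_KEY):
            if values.get("HideFileExt") == 1:
                findings.append(("T1564.001", "Explorer hides file extensions (HideFileExt=1)"))
            if values.get("Hidden") == 2:
                findings.append(("T1564.001", "Explorer hides hidden files (Hidden=2)"))
        # T1112: DisallowRun=1 plus a DisallowRun subkey enumerating blocked executables
        if low.endswith(POLICY_KEY) and values.get("DisallowRun") == 1:
            blocked = keys.get(path + "\\DisallowRun", {})
            findings.append(("T1112", "DisallowRun policy enabled, blocks: "
                             + ", ".join(sorted(blocked.values()))))
    return findings


def parse_autorun_inf(text):
    """Return the launch commands in an autorun.inf [autorun] section:
    open=, shellexecute= and any shell\\<verb>\\command= entry."""
    cmds = {}
    in_autorun = False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_autorun = line.lower() == "[autorun]"
            continue
        if not in_autorun or "=" not in line:
            continue
        key, _, val = line.partition("=")
        key = key.strip().lower()
        if key in ("open", "shellexecute") or (key.startswith("shell\\") and key.endswith("\\command")):
            cmds[key] = val.strip()
    return cmds


# Constructed inputs (placeholder names, not artefacts from this sample).
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
"Debugger"="C:\\Windows\\System32\\dropped.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"HideFileExt"=dword:00000001
"Hidden"=dword:00000002

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"DisallowRun"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun]
"1"="regedit.exe"
"2"="msconfig.exe"
"""

SAMPLE_AUTORUN = """[autorun]
open=dropped.exe
shell\\open\\command=dropped.exe
"""
```

Run `audit_registry(parse_reg_export(SAMPLE_REG))` against a real export (`reg export HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer out.reg /y`, then the IFEO and Policies keys the same way) to reproduce the check on a suspect host; `reg export` writes UTF-16, so open the file with that encoding before passing it in.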
MITRE ATT&CK Enterprise v15 (number after each entry is the count of matching signatures)
Persistence
- Create or Modify System Process (T1543): Windows Service (T1543.003) 1
- Event Triggered Execution (T1546): Image File Execution Options Injection (T1546.012) 1
Privilege Escalation
- Create or Modify System Process (T1543): Windows Service (T1543.003) 1
- Event Triggered Execution (T1546): Image File Execution Options Injection (T1546.012) 1
Defense Evasion
- Hide Artifacts (T1564): Hidden Files and Directories (T1564.001) 2
- Indicator Removal (T1070): File Deletion (T1070.004) 1
- Modify Registry (T1112) 1