Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
8730122dd25c422d6ef99def0f5215d3_JaffaCakes118
-
Size
2.7MB
-
Sample
240810-w7cbsswdng
-
MD5
8730122dd25c422d6ef99def0f5215d3
-
SHA1
ce9fba33ecb7c13718bbc1403761374f21c086a3
-
SHA256
2c8899c50ebb0f08ec1aa6ade80b926955bc212f67aa37757b1135783f2b5924
-
SHA512
0389bf362b5db1069f29af1065b420130dc4c7a5581dba8646f77adc0e3394c3587236be5d5a6e09c4cd78fc699adde16692ff6b942de5db20f018f0a07225e3
-
SSDEEP
49152:rWh/zlgTf98c547VS3ltuUf/L+TjdbHdw7hzvCEBeNiUUUML9BO84MiAi/YCsm+m:riq18cW7VS3WKcRHdw7hzvCEBeNiUUU7
Static task
static1
Behavioral task
behavioral1
Sample
8730122dd25c422d6ef99def0f5215d3_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
8730122dd25c422d6ef99def0f5215d3_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
8730122dd25c422d6ef99def0f5215d3_JaffaCakes118
-
Size
2.7MB
-
MD5
8730122dd25c422d6ef99def0f5215d3
-
SHA1
ce9fba33ecb7c13718bbc1403761374f21c086a3
-
SHA256
2c8899c50ebb0f08ec1aa6ade80b926955bc212f67aa37757b1135783f2b5924
-
SHA512
0389bf362b5db1069f29af1065b420130dc4c7a5581dba8646f77adc0e3394c3587236be5d5a6e09c4cd78fc699adde16692ff6b942de5db20f018f0a07225e3
-
SSDEEP
49152:rWh/zlgTf98c547VS3ltuUf/L+TjdbHdw7hzvCEBeNiUUUML9BO84MiAi/YCsm+m:riq18cW7VS3WKcRHdw7hzvCEBeNiUUU7
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Modifies Windows Firewall
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
4Disable or Modify System Firewall
1Disable or Modify Tools
3Modify Registry
4