Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
87b90f5e154e53f894ab9903772e7906_JaffaCakes118
-
Size
864KB
-
Sample
240810-z717psydrr
-
MD5
87b90f5e154e53f894ab9903772e7906
-
SHA1
3b4c322247518dcab187219d5b1789cc47aa3fa7
-
SHA256
5b05b8b8ff4f3d914482866b6187e6b10992db770f0327c74d46f35afb7617f7
-
SHA512
ba4e895c81f03bda92a6673c4becf27e59e93014c1716ba7f250ed569d3bdac797ac0506ef303373cd9d7e1de815f9a235096ef728574418b56d40d430cbd9e0
-
SSDEEP
12288:3ZWtI6RkZBSerQZb+md4w1UOeZJys73dOvXDpNjNe8mPqu4:3uhaZBSerQZb+md4wmOeZJ8NI8ru4
Behavioral task
behavioral1
Sample
87b90f5e154e53f894ab9903772e7906_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
87b90f5e154e53f894ab9903772e7906_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
87b90f5e154e53f894ab9903772e7906_JaffaCakes118
-
Size
864KB
-
MD5
87b90f5e154e53f894ab9903772e7906
-
SHA1
3b4c322247518dcab187219d5b1789cc47aa3fa7
-
SHA256
5b05b8b8ff4f3d914482866b6187e6b10992db770f0327c74d46f35afb7617f7
-
SHA512
ba4e895c81f03bda92a6673c4becf27e59e93014c1716ba7f250ed569d3bdac797ac0506ef303373cd9d7e1de815f9a235096ef728574418b56d40d430cbd9e0
-
SSDEEP
12288:3ZWtI6RkZBSerQZb+md4w1UOeZJys73dOvXDpNjNe8mPqu4:3uhaZBSerQZb+md4wmOeZJ8NI8ru4
-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Image File Execution Options Injection
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Image File Execution Options Injection
1Defense Evasion
Hide Artifacts
2Hidden Files and Directories
2Indicator Removal
1File Deletion
1Modify Registry
1