Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
88e02f4ea19c8b1d3869f34319feeecc_JaffaCakes118
-
Size
474KB
-
Sample
240811-eckk9axfrd
-
MD5
88e02f4ea19c8b1d3869f34319feeecc
-
SHA1
51d50c786a27983f1be0b45f6db947a7452d955e
-
SHA256
c166886af3a9f84dd2d92c097d7fa6eecf11125e0875ca49f0e33b922d11ddd5
-
SHA512
654c5a9acf495f3d9f81629953e5ee5ad8ebb37532d128b35d30ff003cbea49c76df290aca977d6b3767aea27b128b4533618e8591628af3da4493321f4b3bc6
-
SSDEEP
12288:ZofvXDQUb7t2r2GKyLAaPEq2kJSKObLEXbEMd4L5mSG:ZoDQUb7t2rtAaPD2gXJuL8x
Malware Config
Targets
-
-
Target
88e02f4ea19c8b1d3869f34319feeecc_JaffaCakes118
-
Size
474KB
-
MD5
88e02f4ea19c8b1d3869f34319feeecc
-
SHA1
51d50c786a27983f1be0b45f6db947a7452d955e
-
SHA256
c166886af3a9f84dd2d92c097d7fa6eecf11125e0875ca49f0e33b922d11ddd5
-
SHA512
654c5a9acf495f3d9f81629953e5ee5ad8ebb37532d128b35d30ff003cbea49c76df290aca977d6b3767aea27b128b4533618e8591628af3da4493321f4b3bc6
-
SSDEEP
12288:ZofvXDQUb7t2r2GKyLAaPEq2kJSKObLEXbEMd4L5mSG:ZoDQUb7t2rtAaPD2gXJuL8x
Score10/10-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Active Setup
1Registry Run Keys / Startup Folder
2Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
3Active Setup
1Registry Run Keys / Startup Folder
2Create or Modify System Process
1Windows Service
1