General

  • Target

    8a44ce3e5725d15612cec4aa65653502_JaffaCakes118

  • Size

    100KB

  • Sample

    240811-n323naybnj

  • MD5

    8a44ce3e5725d15612cec4aa65653502

  • SHA1

    71c3dea38e4936bc7b56dba1107a9b6d67733731

  • SHA256

    b3ccd949837693df4a884d37dcd9b357de5a5d1897345778c262dea3a9f90209

  • SHA512

    9f1bcfcccf1ff9f0a5398a9cb1b14e1c4622077c0718ef9880987634ad6c086821150f87a9523bfcbd5eb8e955090654d13f3d97f2bc0df0dce5504c961c2426

  • SSDEEP

    3072:0XreNGN6yI6aU3/yCQMfWpr2CG4mAnm3oeY:0HNlI5UKCQWWJ2CwkkY

Malware Config

Targets

    • Target

      8a44ce3e5725d15612cec4aa65653502_JaffaCakes118

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15