General

  • Target

    8b524072d5b0f8d167211d603e54a468_JaffaCakes118

  • Size

    18KB

  • Sample

    240811-v7crwstgrf

  • MD5

    8b524072d5b0f8d167211d603e54a468

  • SHA1

    0ca27d92047ae6136d4197517852b97bd5cfa453

  • SHA256

    ef852d67e1c3dc953a9929f5119c3626bbdbfc5e72d455ac89d025d8ed126441

  • SHA512

    3e72bb76b87d45297d1e412780da8f91360a85809301cf16debc96cd595a0bbb27d984290eb3709e5e909c9e9d36d1b26e386b3b08460833952f81383c10764b

  • SSDEEP

    384:5pbqo5F+rBerj7x/t7YRbOncVkbClDY0ABPaNJawcudoD7UV:50oyrWj7bYRqcVkbCKwnbcuyD7U

Malware Config

Targets

    • Target

      8b524072d5b0f8d167211d603e54a468_JaffaCakes118

    • Adds policy Run key to start application

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.
