General

  • Target

    949882a8195c64899c177325331e922c_JaffaCakes118

  • Size

    58KB

  • Sample

    240813-y5l5bsthqd

  • MD5

    949882a8195c64899c177325331e922c

  • SHA1

    ca63216e933ce75ec4cf7db3d10044a1b4c9ce3f

  • SHA256

    c86a15b62e6a93aa128eb493aa5d12e4ed52b43353940d2e82c9857c72867ade

  • SHA512

    36dd57a6d31bc4e6a1f6645329f3cbb39cce2560fc6391dd32d4e59d4697d04b688a0461585ce5869540dfae0347e462871e678300b11bbc22e77edf979f3940

  • SSDEEP

    1536:Dnf/8mMyNXGWaAh/PqRDqC6FZnd+ZWNNO+1ijQU:D3X/ZRJhnE6FWMO+ij

Malware Config

Targets

    • Drops file in Drivers directory

    • Event Triggered Execution: Image File Execution Options Injection

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Indicator Removal: Clear Persistence

      Removes IFEO.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks