General

  • Target

    961954bbc411d4eafd72efad94a6e160_JaffaCakes118

  • Size

    435KB

  • Sample

    240814-pmq6wswhpq

  • MD5

    961954bbc411d4eafd72efad94a6e160

  • SHA1

    0a0e1830d6b2a169527fe61b9111b4171cc5a01f

  • SHA256

    bcd74869fed12192e15d27254f6736621a82fbdcb555f7a258d0f2fa99eed36e

  • SHA512

    c70698005bd0974ace29ad991b3dd3cae82809a088ba6b090e1b2786bf72f87e5a87493aadab7d0adf4e2929bf7d0edc903154a590f15439543f45af1ad22cdb

  • SSDEEP

    12288:ji8ssa1TX35mrEe0zfGr7c1+GHjcSczuhE:ji8sjTZmrEesbMGDSzu2

Malware Config

Targets

    • Target

      961954bbc411d4eafd72efad94a6e160_JaffaCakes118

    • Size

      435KB

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
