General

  • Target

    a1d12749c3a445f9393c28d9ef398601_JaffaCakes118

  • Size

    500KB

  • Sample

    240817-j8qjlaygmk

  • MD5

    a1d12749c3a445f9393c28d9ef398601

  • SHA1

    af107688fb96027dc74b2d44070f7fa9d5729af1

  • SHA256

    777ebce5c12dad3e68e572bfda63c887c9046769d8677ba150f6c2099b3eddc5

  • SHA512

    1139b402a1612a0931f13d811401b2e6a42a3826dfe0b078d968e92e531c0567e74d710f3f7ef8c51e52a6cadd1535924d9e5a4003a3377c6c87fda3c9876ce0

  • SSDEEP

    12288:Ge4IKQ7VTVeBANiEYA9i5gdCZQ3True/6/:Ge4IL7beBANiDgsFZQ3T

Malware Config

Targets

    • Target

      a1d12749c3a445f9393c28d9ef398601_JaffaCakes118

    • Size

      500KB

    • Modifies firewall policy service

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
