General
Target: aa68a521d5fcec5d24933b26162e9275JaffaCakes118
Size: 1.0MB
Sample: 240819-m8t4katgjn
MD5: aa68a521d5fcec5d24933b26162e9275
SHA1: 8168da6d2a55050e45a6997bf49ce6511a67be59
SHA256: 0c42facd22e0df812a49d7e64bff9fb369542cd3401b297103538f45027f92d8
SHA512: bb96450576086cc3cbb55cbc98e858a9e620885baedc80f2c637b2a90034104c32b2e89db60c6d4f11a0b4cd7d722fc2b4f754906f6a1e263ba5c0392a093e64
SSDEEP: 24576:M3K+yB5tzZscm1zSnZBtn+sS4+alu1HsiFxKK:T1bzk1zsZBBSVgu1HX
Static task: static1
Behavioral task: behavioral1
  Sample: aa68a521d5fcec5d24933b26162e9275JaffaCakes118.exe
  Resource: win7-20240705-en
Behavioral task: behavioral2
  Sample: aa68a521d5fcec5d24933b26162e9275JaffaCakes118.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: aa68a521d5fcec5d24933b26162e9275JaffaCakes118
Score: 10/10
Modifies firewall policy service
Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
Modifies Windows Firewall
Loads dropped DLL
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Create or Modify System Process (2)
    Windows Service (2)
  Event Triggered Execution (2)
    AppInit DLLs (1)
    Netsh Helper DLL (1)
Privilege Escalation
  Create or Modify System Process (2)
    Windows Service (2)
  Event Triggered Execution (2)
    AppInit DLLs (1)
    Netsh Helper DLL (1)
Defense Evasion
  Impair Defenses (2)
    Disable or Modify System Firewall (2)
  Modify Registry (1)