General

  • Target

    ad53189db84a78d21eeb10ea62600c39_JaffaCakes118

  • Size

    51KB

  • Sample

    240820-bj274azenk

  • MD5

    ad53189db84a78d21eeb10ea62600c39

  • SHA1

    be65646d0f6a3415ceceeb72a426d13b0140d2a7

  • SHA256

    63a1e56982464c6fd963d8ade99fbaa212ed45733d56545ebb767c29e2e89682

  • SHA512

    22bae0af5876374a7d30325ad892c7d2a153b9091eb7350bccb9d151bb985cfb8fe7cb7f4e5994c11e92771b674a795775cab55cd77656dde987aa998c5580c6

  • SSDEEP

    1536:hmZHPoToCWFSu2MbLJkpbCSzSNhquwjPgQ:iHPDFSDMZkxCSzg3wjv

Score
10/10

Targets

    • Target

      ad53189db84a78d21eeb10ea62600c39_JaffaCakes118

    • Modifies WinLogon for persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
