General

  • Target

    ad5fb6ea2263e306d3071477d228658a_JaffaCakes118

  • Size

    436KB

  • Sample

    240820-bv9fjs1ark

  • MD5

    ad5fb6ea2263e306d3071477d228658a

  • SHA1

    133b7b5794197288fc3357a538d7696d9649f0e9

  • SHA256

    70131898358ac17e331b273a7af5fe80ae21679e88c0c44169b1adadb0ea5376

  • SHA512

    7c71caacb48ee4c0919f547adf5b3d76b5b59a71315fde6afd3079d2c018a7a80308f2ed2dd0a0637c1e370da49dd373446bfec27d4bcd240633fd27b5040f98

  • SSDEEP

    12288:ualVlT+xA+U2Lj6yrCltturh/fXp8na3F4:JDlKi2iYCtturtXi1

Score
10/10

Targets

    • Modifies WinLogon for persistence

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
