General

  • Target

    af9922a0606e654d4f6ad25e48d92de4_JaffaCakes118

  • Size

    12KB

  • Sample

    240820-rwmk6s1drn

  • MD5

    af9922a0606e654d4f6ad25e48d92de4

  • SHA1

    bac71f93fbac10837408bc449d48774465553225

  • SHA256

    1c2dfa721dca1ed6eb08273d7831c9a739da692339ae32f90be258e3fbf1b4c0

  • SHA512

    899a1bbb6c5b3b77759ac4015c485b780fa62fc349dad9411903cdeaeaaba8ca2648e678e6fb8eade715918142c75edeb6a676cd2da6efc7b34d5901c2635b3d

  • SSDEEP

    192:t1/Nbz+QU+1YEE8v7XfMV+xx3xaT8knkR+1EVl4hMau7V1w:t5lJWZaMwaT8qktl9au7Hw

Targets

    • Target

      af9922a0606e654d4f6ad25e48d92de4_JaffaCakes118

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Deletes itself

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Drops file in System32 directory
