Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
af9922a0606e654d4f6ad25e48d92de4_JaffaCakes118
-
Size
12KB
-
Sample
240820-rwmk6s1drn
-
MD5
af9922a0606e654d4f6ad25e48d92de4
-
SHA1
bac71f93fbac10837408bc449d48774465553225
-
SHA256
1c2dfa721dca1ed6eb08273d7831c9a739da692339ae32f90be258e3fbf1b4c0
-
SHA512
899a1bbb6c5b3b77759ac4015c485b780fa62fc349dad9411903cdeaeaaba8ca2648e678e6fb8eade715918142c75edeb6a676cd2da6efc7b34d5901c2635b3d
-
SSDEEP
192:t1/Nbz+QU+1YEE8v7XfMV+xx3xaT8knkR+1EVl4hMau7V1w:t5lJWZaMwaT8qktl9au7Hw
Malware Config
Targets
-
-
Target
af9922a0606e654d4f6ad25e48d92de4_JaffaCakes118
-
Size
12KB
-
MD5
af9922a0606e654d4f6ad25e48d92de4
-
SHA1
bac71f93fbac10837408bc449d48774465553225
-
SHA256
1c2dfa721dca1ed6eb08273d7831c9a739da692339ae32f90be258e3fbf1b4c0
-
SHA512
899a1bbb6c5b3b77759ac4015c485b780fa62fc349dad9411903cdeaeaaba8ca2648e678e6fb8eade715918142c75edeb6a676cd2da6efc7b34d5901c2635b3d
-
SSDEEP
192:t1/Nbz+QU+1YEE8v7XfMV+xx3xaT8knkR+1EVl4hMau7V1w:t5lJWZaMwaT8qktl9au7Hw
Score8/10-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Deletes itself
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Drops file in System32 directory
-