General
-
Target
b2a3fd975ff33caeb7b7da61bb07dd33_JaffaCakes118
-
Size
745KB
-
Sample
240821-jlfqwaxapd
-
MD5
b2a3fd975ff33caeb7b7da61bb07dd33
-
SHA1
fe165a43f4e2ec825e3940f1298bcee3dcad84ce
-
SHA256
99a53d714667b30d97e7816afd672afb8ba032f6c525646fbd28bd312b9e3ae9
-
SHA512
6ff3d3df776178f025af5956b2e54700cbc39fe1e26f0f7c06afc8e20444f8f570f916ee9e8f536e37766a90c102051ce1208f3a670c2aadc08dfe7283747c73
-
SSDEEP
12288:s7omZ5IXftbYu8WNPQtN/gwZ4UItlbXfAChRq4z/O9jJ8TGSsiAyDG8A56:s7oIIXfe/qPQXnZ4vtJAUdz/AKSSsV6
Behavioral task
behavioral1
Sample
b2a3fd975ff33caeb7b7da61bb07dd33_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
b2a3fd975ff33caeb7b7da61bb07dd33_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
b2a3fd975ff33caeb7b7da61bb07dd33_JaffaCakes118
Score
7/10
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-