Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
b433bf3cd50e66e9f28d421d004f0c44_JaffaCakes118
-
Size
158KB
-
Sample
240821-t1eggaselj
-
MD5
b433bf3cd50e66e9f28d421d004f0c44
-
SHA1
73c988ff9668686b165ee515b6f29c29eab97e32
-
SHA256
6d522f035ba435d3c3095fbe07322df0c5fdac87dde4af4d51c1a6ce5b972517
-
SHA512
55317177e7d46cfe7014e8cc37925a930301aa18aa7b13def46ef3a458632838f6353ff6322fd6d1b4af9f71804dd12fed5748b5f4349f8b098d71851ec72b69
-
SSDEEP
3072:rhIG58wPO0iayqAsbefQs0Ef9Qr+Uw/didZMl:rRT1yZsbe51Qr+UCdidZE
Malware Config
Targets
-
-
Target
b433bf3cd50e66e9f28d421d004f0c44_JaffaCakes118
-
Size
158KB
-
MD5
b433bf3cd50e66e9f28d421d004f0c44
-
SHA1
73c988ff9668686b165ee515b6f29c29eab97e32
-
SHA256
6d522f035ba435d3c3095fbe07322df0c5fdac87dde4af4d51c1a6ce5b972517
-
SHA512
55317177e7d46cfe7014e8cc37925a930301aa18aa7b13def46ef3a458632838f6353ff6322fd6d1b4af9f71804dd12fed5748b5f4349f8b098d71851ec72b69
-
SSDEEP
3072:rhIG58wPO0iayqAsbefQs0Ef9Qr+Uw/didZMl:rRT1yZsbe51Qr+UCdidZE
Score10/10-
Disables service(s)
-
Adds policy Run key to start application
-
Drops file in Drivers directory
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Create or Modify System Process
1Windows Service
1