General
Target: b9612b7a11d90363d72379960119532c_JaffaCakes118
Size: 226KB
Sample: 240822-2thvbathpq
MD5: b9612b7a11d90363d72379960119532c
SHA1: 2a2861d159ebe8c7c94978ef62c5a2cdc90cd94a
SHA256: 6b1ae6ea46719e196177e91eccdcb2b9c6f2fdc2ca6dccb7a0fc5bd5fc5a81d5
SHA512: e14acb3862ce7a289f601ece3123e3063763db54f55aacfada45673d9b34a48aeb8b086d289dbace619fd87c2ef0a1b1e6b0f1591490c5edf7afd586a92c15da
SSDEEP: 3072:TdVd2Hayox1aM3pN3Hip9rtVnmywjg48jE2Ej5jE2Ej565BQZB1VLpCjARIqv:5uHOinmy+g4IE2EBE2EorG1VVE+IA
Behavioral task: behavioral1
Sample: b9612b7a11d90363d72379960119532c_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: b9612b7a11d90363d72379960119532c_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
- Modifies visibility of file extensions in Explorer
- Blocks application from running via registry modification: Adds application to list of disallowed applications.
- Event Triggered Execution: Image File Execution Options Injection
- Executes dropped EXE
- Loads dropped DLL
- Indicator Removal: File Deletion. Adversaries may delete files left behind by the actions of their intrusion activity.
- Drops autorun.inf file: Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
- Create or Modify System Process (1)
  - Windows Service (1)
- Event Triggered Execution (1)
  - Image File Execution Options Injection (1)
Privilege Escalation
- Create or Modify System Process (1)
  - Windows Service (1)
- Event Triggered Execution (1)
  - Image File Execution Options Injection (1)
Defense Evasion
- Hide Artifacts (2)
  - Hidden Files and Directories (2)
- Indicator Removal (1)
  - File Deletion (1)
- Modify Registry (1)