Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
b890a5a4bb81a9a937ff0e8f34a4532f_JaffaCakes118
-
Size
231KB
-
Sample
240822-wgpt7ssekq
-
MD5
b890a5a4bb81a9a937ff0e8f34a4532f
-
SHA1
3ea8173fadd51d9cb750b0b06ad5d60d55e0b69e
-
SHA256
c8df6abcfa589696b3694baec0d658df478cb8043de78a2fd9b43b37c6f1087f
-
SHA512
eb45c2202fa99dd8916ac84c305b04187099778c27c70b7b40a6c294313794c098f866fc45b2b2d5c42dd2c0d32b1252131ed903fce8a7b4f90b4b8f8a97c5fc
-
SSDEEP
6144:Qc1YS8yqjoZlcUlqcdWrT5sSlpRKUCd9WRTrA:QcWSPtmUlar1DlHdCd90
Behavioral task
behavioral1
Sample
b890a5a4bb81a9a937ff0e8f34a4532f_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
b890a5a4bb81a9a937ff0e8f34a4532f_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
b890a5a4bb81a9a937ff0e8f34a4532f_JaffaCakes118
-
Size
231KB
-
MD5
b890a5a4bb81a9a937ff0e8f34a4532f
-
SHA1
3ea8173fadd51d9cb750b0b06ad5d60d55e0b69e
-
SHA256
c8df6abcfa589696b3694baec0d658df478cb8043de78a2fd9b43b37c6f1087f
-
SHA512
eb45c2202fa99dd8916ac84c305b04187099778c27c70b7b40a6c294313794c098f866fc45b2b2d5c42dd2c0d32b1252131ed903fce8a7b4f90b4b8f8a97c5fc
-
SSDEEP
6144:Qc1YS8yqjoZlcUlqcdWrT5sSlpRKUCd9WRTrA:QcWSPtmUlar1DlHdCd90
Score7/10-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry
1Pre-OS Boot
1Bootkit
1Subvert Trust Controls
1Install Root Certificate
1