Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

bbcf054452...18.exe

windows7-x64

10

bbcf054452...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bbcf0544525372a48cb7d39285974c90_JaffaCakes118

  • Size

    47KB

  • Sample

    240823-p4x1rsxdrp

  • MD5

    bbcf0544525372a48cb7d39285974c90

  • SHA1

    ab8c843a6a622b5e6a8ca5715f287460b06d20d7

  • SHA256

    b8ebdf1a108a3dd19cc95242a0165cb13ede88008d8f75867f91862dde4334b5

  • SHA512

    431e6a9e00211c5a5f63e53c137e7674f028a903e1245805f0a4c318fe0f6641df4bb6d0470369f2e2ee55b0ff32257d8bdef3eea71a40952964e0ae640e60df

  • SSDEEP

    768:RagDcvogUQd2Z9hAOfdvNX9s3SZDGY8yX3S9Blz4p/p:RPoa9hNvNncyX32/I/p

Score
10/10
bootkitdiscoverypersistencespywarestealer

Malware Config

Targets

    • Target

      bbcf0544525372a48cb7d39285974c90_JaffaCakes118

    • Size

      47KB

    • MD5

      bbcf0544525372a48cb7d39285974c90

    • SHA1

      ab8c843a6a622b5e6a8ca5715f287460b06d20d7

    • SHA256

      b8ebdf1a108a3dd19cc95242a0165cb13ede88008d8f75867f91862dde4334b5

    • SHA512

      431e6a9e00211c5a5f63e53c137e7674f028a903e1245805f0a4c318fe0f6641df4bb6d0470369f2e2ee55b0ff32257d8bdef3eea71a40952964e0ae640e60df

    • SSDEEP

      768:RagDcvogUQd2Z9hAOfdvNX9s3SZDGY8yX3S9Blz4p/p:RPoa9hNvNncyX32/I/p

    Score
    10/10
    bootkitdiscoverypersistencespywarestealer

    • Modifies WinLogon for persistence

      persistence

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks