General
Target: bd308371e3b742aab75469dbe4d14263_JaffaCakes118
Size: 12.7MB
Sample: 240823-z4zjpsxape
MD5: bd308371e3b742aab75469dbe4d14263
SHA1: 8d38ee594a41dcaf060b56f63ddead71baae0a5e
SHA256: a6968671789010ec5095b9f5a212c851ef68398aa43e6927d44be303f681de8b
SHA512: 4b1c50ce22d418477d5c1bd5c82374ec263095b2dda0a1903d82fe208de1cee01c859cbaa947f89a917d5e3091a27d4a46ea0e175f721d0850d124b9733e114e
SSDEEP: 196608:pPm+7z52O9cVoZ2+3V19UwGJXOYOX9b6:pPF5cs2y19UwGJXFOX9O
Static task: static1
Behavioral task: behavioral1
Sample: bd308371e3b742aab75469dbe4d14263_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: bd308371e3b742aab75469dbe4d14263_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: bd308371e3b742aab75469dbe4d14263_JaffaCakes118
Size: 12.7MB
Score: 8/10
Uses Session Manager for persistence
Creates Session Manager registry key to run executable early in system boot.
Adds Run key to start application
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Execution
  Scheduled Task/Job (1)
    Scheduled Task (1)
  System Services (1)
    Service Execution (1)
Persistence
  Boot or Logon Autostart Execution (2)
    Registry Run Keys / Startup Folder (2)
  Create or Modify System Process (1)
    Windows Service (1)
  Scheduled Task/Job (1)
    Scheduled Task (1)