General

  • Target

    be5b87e0bb953a1ab3496cf6f7fb5897_JaffaCakes118

  • Size

    62KB

  • Sample

    240824-l2dybsvckd

  • MD5

    be5b87e0bb953a1ab3496cf6f7fb5897

  • SHA1

    a6aa09fa8b71a3951911b521e34435093ebd39ec

  • SHA256

    444d3e227591e251b3114bee41ac0b14627d3e4aebcc84749bab77316c631bd0

  • SHA512

    b93828b41153b217d456de5758c84cb70a2b9ef212494270530f9157afcc29dd7d068cd66aaa305dd5301c460e3662434696d73d61d562b949f0f72755940e74

  • SSDEEP

    768:hEDHCnRXpBeLqa0FBh14k7iZLZx4J7W8XmXNBlNDFX7fq/vdqx03weoSb03xd:lRXpBeU6n4PYB7l7oV0S8

Score
10/10

Targets

    • Target

      be5b87e0bb953a1ab3496cf6f7fb5897_JaffaCakes118

    Score
    10/10
    • Modifies WinLogon for persistence

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Modifies WinLogon

    • Suspicious use of SetThreadContext
