Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

c00e0a2800...18.exe

windows7-x64

c00e0a2800...18.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c00e0a28006e566d98d648895501c5b7_JaffaCakes118

  • Size

    92KB

  • Sample

    240825-f9b6taxcnh

  • MD5

    c00e0a28006e566d98d648895501c5b7

  • SHA1

    ac5c89577cf69fe74d92bc5c7559d95cd4144744

  • SHA256

    d30b7502e0025ead7d6c9ea85a3ac2bcc86b711913bf1850c659ff173ce32b43

  • SHA512

    5401010e08d1a7a64d9e1dab292db46dde827693bd4d77cfdeee549e81f526095490042d67e28a394bbf7e43636c0a444c089a87d664053e81ab575c5240462f

  • SSDEEP

    1536:c6PwBuNW/l6IhqoHLHoULJITp+utrajn56jZL+TVmroxMWNLzMo:c6EhrNGYutGqy9xxlzMo

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      c00e0a28006e566d98d648895501c5b7_JaffaCakes118

    • Size

      92KB

    • MD5

      c00e0a28006e566d98d648895501c5b7

    • SHA1

      ac5c89577cf69fe74d92bc5c7559d95cd4144744

    • SHA256

      d30b7502e0025ead7d6c9ea85a3ac2bcc86b711913bf1850c659ff173ce32b43

    • SHA512

      5401010e08d1a7a64d9e1dab292db46dde827693bd4d77cfdeee549e81f526095490042d67e28a394bbf7e43636c0a444c089a87d664053e81ab575c5240462f

    • SSDEEP

      1536:c6PwBuNW/l6IhqoHLHoULJITp+utrajn56jZL+TVmroxMWNLzMo:c6EhrNGYutGqy9xxlzMo

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks