General
Target: c8fc70f58d186bc77960daa2a2396111_JaffaCakes118
Size: 88KB
Sample: 240829-rkd5nawbqc
MD5: c8fc70f58d186bc77960daa2a2396111
SHA1: 29965681b132ef5e8aca9f299b32f65d7cd9bea0
SHA256: 7595260b8b810dc3884e124d49bf57a5613fbf05fed58805a39b2f0a1bec2a0a
SHA512: b2ed4ef83fadfa40706d6f1800f1a9ec4ecddd5ce00e73e3fe54f283a35a56c6ca594d41fa82b510da0a67ffc2a01e339df2e1df68edf499d54b0f5bb1f684e2
SSDEEP: 1536:VoGyX8vr1+baP1jkjUCW8r58g+16w1jWjUC481yDMFCvJgZP1aZd3BddzyhP1aWT:VWX8vr1+baP1jkjUCW8r58g+16w1jWjC
Static task: static1
Behavioral task: behavioral1
Sample: c8fc70f58d186bc77960daa2a2396111_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: c8fc70f58d186bc77960daa2a2396111_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Score: 8/10
Disables RegEdit via registry modification
Drops file in Drivers directory
Event Triggered Execution: Image File Execution Options Injection
Modifies system executable filetype association
Adds Run key to start application
Drops autorun.inf file: Malware can abuse Windows Autorun to spread further via attached volumes.
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Event Triggered Execution (2)
Change Default File Association (1)
Image File Execution Options Injection (1)