General

Target: cfeefe6f5b066de38fef45786b34e82a_JaffaCakes118
Size: 78KB
Sample: 240906-tml96avhpm
MD5: cfeefe6f5b066de38fef45786b34e82a
SHA1: 935020840ef9b8c5e58fa811d5cb197612af2805
SHA256: 305d5c8c8f00e7156dfacbf2e49524b6e87e3e7d3d5cca083d6156a82193610f
SHA512: 250276ced6b7d84b3126e8818207f6691f04f53bae7dfe40eb648cd2dcd6cdf9bf53fa5da3aefc6157430b2db8dab22a054eddac011e7b691b6efcbae8b9f1b3
SSDEEP: 768:/dICxZk/89MpVT7woQJcW/bnqC03T/yEwSndA/zJmnPi3JnrpZdxEk+fVx6P3jM0:/TYd5QJc/vaSybs4Zr+fX6P3jg
Static task: static1

Behavioral task: behavioral1
  Sample: cfeefe6f5b066de38fef45786b34e82a_JaffaCakes118.exe
  Resource: win7-20240903-en

Behavioral task: behavioral2
  Sample: cfeefe6f5b066de38fef45786b34e82a_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
Malware Config

Targets

Target: cfeefe6f5b066de38fef45786b34e82a_JaffaCakes118
Score: 9/10

Signatures:
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious access to, or copy of, a web browser credential store.
- Grants admin privileges
  Uses net.exe to modify the user's privileges.
- Credentials from Password Stores: Windows Credential Manager
  Suspicious access to Credentials History.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Enumerates processes with tasklist
MITRE ATT&CK Enterprise v15

Credential Access
- Credentials from Password Stores (2)
  - Credentials from Web Browsers (1)
  - Windows Credential Manager (1)
- Unsecured Credentials (1)
  - Credentials In Files (1)

Discovery
- Browser Information Discovery (1)
- Network Service Discovery (1)
- Network Share Discovery (1)
- Peripheral Device Discovery (1)
- Permission Groups Discovery (1)
  - Local Groups (1)
- Process Discovery (1)
- Query Registry (1)
- Remote System Discovery (2)
- System Information Discovery (3)
- System Location Discovery (1)
  - System Language Discovery (1)
- System Network Configuration Discovery (1)
  - Internet Connection Discovery (1)
- System Network Connections Discovery (1)