General

  • Target

    d20cc50fa87f5f601ca82437ee8926c8_JaffaCakes118

  • Size

    697KB

  • Sample

    240907-qvxt3swgpn

  • MD5

    d20cc50fa87f5f601ca82437ee8926c8

  • SHA1

    065d6e37f6cdf7014fa57bc9fa080625558a0dcd

  • SHA256

    747b1fa2d2f6b786660d77ae7d2795c260d904fd83b575404a4dfe9866e53324

  • SHA512

    bdade4ad18ccaf1b6526ed66a7cc228d9c5b83021059086eb218b65f8407cc2ac5d388e56fed28a3819e639f516836a5ca87b15280447a4151af4dfadbca58dc

  • SSDEEP

    12288:UsA1mIRjZp9IyTFCMXSWEOIsgsg+8nS+KXVG8fXFGkvv4uvB1o0KufFiPu:UsnIPp9IyTFC00OIswnS+uw2XFGk4EBh

Malware Config

Targets

    • Target

      d20cc50fa87f5f601ca82437ee8926c8_JaffaCakes118

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Executes dropped EXE

    • Modifies system executable filetype association

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15