General

  • Target

    d58dc061de281f5a37a43fb965433957_JaffaCakes118

  • Size

    819KB

  • Sample

    240909-djatysybrk

  • MD5

    d58dc061de281f5a37a43fb965433957

  • SHA1

    1e25974b2e40c32989f4762876c0bbfecaae0455

  • SHA256

    02d581ad600901a0c1b24c6bb06594346f538617d3e06cf3f311f65cd60f3b71

  • SHA512

    aefa80fd780781d57bbef5947d0a6739bd360dc082d35594ad484be0f9b06776ace0a3f291e47e9684280b751912f76f064ab58f8b88b6feec47cedf43b53949

  • SSDEEP

    24576:+2AQzIAiR2ivzFeQ70K/7GKsYPV6GPGefF/sh:+E6R15ewdsYd6Aft0h

Malware Config

Targets

    • Target

      d58dc061de281f5a37a43fb965433957_JaffaCakes118

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks