Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
d66ee2a601a9b386bccb38b5a885f74f_JaffaCakes118
-
Size
288KB
-
Sample
240909-q1pewstbqe
-
MD5
d66ee2a601a9b386bccb38b5a885f74f
-
SHA1
b8fafe57754d166f68f6d414ac42b44701ad16eb
-
SHA256
fde897f9ece7e96f541c2c934d12c121f02b54a90bb8cbca09c1afdc53af57ef
-
SHA512
e915fedae7b886bcdaf7998548430257aed42b4e738ea872bdf448f51b67a119f65cb0a23b7f3c04650ed49a21ffe6a619dd7e1a923d428daf459672c7e09469
-
SSDEEP
3072:Xd0X0e1FB/DpKjCLHZA2emjL1bQ7EXPdK7l2bmMdB:Xxg1hmMd
Malware Config
Targets
-
-
Target
d66ee2a601a9b386bccb38b5a885f74f_JaffaCakes118
-
Size
288KB
-
MD5
d66ee2a601a9b386bccb38b5a885f74f
-
SHA1
b8fafe57754d166f68f6d414ac42b44701ad16eb
-
SHA256
fde897f9ece7e96f541c2c934d12c121f02b54a90bb8cbca09c1afdc53af57ef
-
SHA512
e915fedae7b886bcdaf7998548430257aed42b4e738ea872bdf448f51b67a119f65cb0a23b7f3c04650ed49a21ffe6a619dd7e1a923d428daf459672c7e09469
-
SSDEEP
3072:Xd0X0e1FB/DpKjCLHZA2emjL1bQ7EXPdK7l2bmMdB:Xxg1hmMd
Score10/10-
UAC bypass
-
Windows security bypass
-
Windows security modification
-
Checks whether UAC is enabled
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
3Disable or Modify Tools
3Modify Registry
4