General

  • Target

    da5a1623c5d5153cd912396aaa48949e_JaffaCakes118

  • Size

    829KB

  • Sample

    240911-ppfg6szfqq

  • MD5

    da5a1623c5d5153cd912396aaa48949e

  • SHA1

    54ff1f3cc4891b3fed84874e8a944a5667b0ad18

  • SHA256

    3f5a3b6daf5e8e88f10946aeb3edcfb263f572fde0996a60874126b0c396db82

  • SHA512

    ef22f41c8214b3835685b7508f53206cab1c15eb05a1aec4990a9a669e064e08a34c21246f08e065e56b9e3e88729db9d1b20e778c2317729ed4bf3d498dc2bf

  • SSDEEP

    24576:yL5/rmRsmDWDPNuFhPvYrpLYHSfcoopooLY9Nu0ULz:oK5hPILYHSfeY9na

Malware Config

Targets

    • Target

      da5a1623c5d5153cd912396aaa48949e_JaffaCakes118

    • Modifies WinLogon for persistence

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks