Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
de717a0c5aaec665b17467e9e194f3b7_JaffaCakes118
-
Size
205KB
-
Sample
240913-s2an8svhpp
-
MD5
de717a0c5aaec665b17467e9e194f3b7
-
SHA1
1f6ad67186615d0ad3753a88bdddc70a04320ea2
-
SHA256
2cda647bb44af93f99b0e083a039efd82745e2931e07d4f1ceafb9ede300dcd2
-
SHA512
dc164e953700239659cf2826684bfa03a2b7e735968921b6965c2d34e3b1d04e38bddb1cccce7b50e1a08433c20362dfe441bee5fe4f2d3d50b492e4df394b20
-
SSDEEP
6144:a0hfPqsPFbrBLAxNIKgUgk16yr4iTGmZwqo:a0hVPKvlgnykgGmZS
Malware Config
Targets
-
-
Target
de717a0c5aaec665b17467e9e194f3b7_JaffaCakes118
-
Size
205KB
-
MD5
de717a0c5aaec665b17467e9e194f3b7
-
SHA1
1f6ad67186615d0ad3753a88bdddc70a04320ea2
-
SHA256
2cda647bb44af93f99b0e083a039efd82745e2931e07d4f1ceafb9ede300dcd2
-
SHA512
dc164e953700239659cf2826684bfa03a2b7e735968921b6965c2d34e3b1d04e38bddb1cccce7b50e1a08433c20362dfe441bee5fe4f2d3d50b492e4df394b20
-
SSDEEP
6144:a0hfPqsPFbrBLAxNIKgUgk16yr4iTGmZwqo:a0hVPKvlgnykgGmZS
Score7/10-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry
1Pre-OS Boot
1Bootkit
1Subvert Trust Controls
1Install Root Certificate
1