Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
de9e3a975408cadfc3de6380d94d6031_JaffaCakes118
-
Size
919KB
-
Sample
240913-wk5ptszerp
-
MD5
de9e3a975408cadfc3de6380d94d6031
-
SHA1
d90c1fbb73ea7795434cc30719e5267065b37d97
-
SHA256
5790ab960335e7288a7c52616e4c63d5317fd95a2d74d60546f21f47f56674b0
-
SHA512
e9bbed010592b7fa2bd41404ac3e4385afd91488aadd29791b318db7fe995f824d26a1a8e9c275ff7da8bc1a88b70d824b1325055a4ff067c8059c2d2fda2030
-
SSDEEP
24576:Q2ogqHQVCGH4ktf/XUP6CWi4+KAPPHAsE:qrHQtN/Xq6tiUAPPHA7
Malware Config
Targets
-
-
Target
de9e3a975408cadfc3de6380d94d6031_JaffaCakes118
-
Size
919KB
-
MD5
de9e3a975408cadfc3de6380d94d6031
-
SHA1
d90c1fbb73ea7795434cc30719e5267065b37d97
-
SHA256
5790ab960335e7288a7c52616e4c63d5317fd95a2d74d60546f21f47f56674b0
-
SHA512
e9bbed010592b7fa2bd41404ac3e4385afd91488aadd29791b318db7fe995f824d26a1a8e9c275ff7da8bc1a88b70d824b1325055a4ff067c8059c2d2fda2030
-
SSDEEP
24576:Q2ogqHQVCGH4ktf/XUP6CWi4+KAPPHAsE:qrHQtN/Xq6tiUAPPHA7
Score8/10-
Sets file to hidden
Modifies file attributes to stop it showing in Explorer etc.
-
Adds Run key to start application
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
2Hidden Files and Directories
2Indicator Removal
1File Deletion
1Modify Registry
2