General

  • Target

    e08513bc1b6ae670a7eebe8ea5280f28_JaffaCakes118

  • Size

    3.0MB

  • Sample

    240914-tcgxpaseqe

  • MD5

    e08513bc1b6ae670a7eebe8ea5280f28

  • SHA1

    38857f477aefcc84ce49c4898ecbd4cc8749019b

  • SHA256

    47e699a6f933ed28b3cff662c3c026ea20c3cf67734ff04460069930245da411

  • SHA512

    db91ed08e9780dc529e5174c869dc1b70c9784d49f9dc64b33cf23474b0ff7f09e958896875c169a0ff47b2ef9f7c0828503b0810fea600360f0d0adddaacb9f

  • SSDEEP

    98304:4YiM416F32BF8HTzTjXuqODWXRNFsGZHLdLBzp9:4YSU32BF8jjeVsRNFsGZHLJ

Targets

    • Target

      e08513bc1b6ae670a7eebe8ea5280f28_JaffaCakes118

    • Stops running service(s)

    • Uses Session Manager for persistence

      Creates Session Manager registry key to run executable early in system boot.

    • Adds Run key to start application
