Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
e08513bc1b6ae670a7eebe8ea5280f28_JaffaCakes118
-
Size
3.0MB
-
Sample
240914-tcgxpaseqe
-
MD5
e08513bc1b6ae670a7eebe8ea5280f28
-
SHA1
38857f477aefcc84ce49c4898ecbd4cc8749019b
-
SHA256
47e699a6f933ed28b3cff662c3c026ea20c3cf67734ff04460069930245da411
-
SHA512
db91ed08e9780dc529e5174c869dc1b70c9784d49f9dc64b33cf23474b0ff7f09e958896875c169a0ff47b2ef9f7c0828503b0810fea600360f0d0adddaacb9f
-
SSDEEP
98304:4YiM416F32BF8HTzTjXuqODWXRNFsGZHLdLBzp9:4YSU32BF8jjeVsRNFsGZHLJ
Static task
static1
Behavioral task
behavioral1
Sample
e08513bc1b6ae670a7eebe8ea5280f28_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e08513bc1b6ae670a7eebe8ea5280f28_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
e08513bc1b6ae670a7eebe8ea5280f28_JaffaCakes118
-
Size
3.0MB
-
MD5
e08513bc1b6ae670a7eebe8ea5280f28
-
SHA1
38857f477aefcc84ce49c4898ecbd4cc8749019b
-
SHA256
47e699a6f933ed28b3cff662c3c026ea20c3cf67734ff04460069930245da411
-
SHA512
db91ed08e9780dc529e5174c869dc1b70c9784d49f9dc64b33cf23474b0ff7f09e958896875c169a0ff47b2ef9f7c0828503b0810fea600360f0d0adddaacb9f
-
SSDEEP
98304:4YiM416F32BF8HTzTjXuqODWXRNFsGZHLdLBzp9:4YSU32BF8jjeVsRNFsGZHLJ
Score8/10-
Uses Session Manager for persistence
Creates Session Manager registry key to run executable early in system boot.
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Execution
Scheduled Task/Job
1Scheduled Task
1System Services
1Service Execution
1Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Create or Modify System Process
1Windows Service
1Scheduled Task/Job
1Scheduled Task
1