Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
e2f2d2f9280964279c9fd7d489254308_JaffaCakes118
-
Size
108KB
-
Sample
240915-vcf6tstbjg
-
MD5
e2f2d2f9280964279c9fd7d489254308
-
SHA1
3d758c8ae7e4dfcb357bff4968ee204ca76d6ea0
-
SHA256
17b88d8bf6a82375851bf279cd2a2cf2d1200726638bbc382787a016e7323cc9
-
SHA512
7f06249cd6ee6400211f70349847b4d955fd74cf399d6b77ee7b874965c4701c788ffa7769c71f8ab9266524f3562efa0f7c27c76588dbc8eb0390ceb4d7f275
-
SSDEEP
3072:41+MJKrUnFYY5z1i0Nmbi5fJBNUweout:gIrPj0NmWtN+oS
Behavioral task
behavioral1
Sample
e2f2d2f9280964279c9fd7d489254308_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
e2f2d2f9280964279c9fd7d489254308_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
e2f2d2f9280964279c9fd7d489254308_JaffaCakes118
-
Size
108KB
-
MD5
e2f2d2f9280964279c9fd7d489254308
-
SHA1
3d758c8ae7e4dfcb357bff4968ee204ca76d6ea0
-
SHA256
17b88d8bf6a82375851bf279cd2a2cf2d1200726638bbc382787a016e7323cc9
-
SHA512
7f06249cd6ee6400211f70349847b4d955fd74cf399d6b77ee7b874965c4701c788ffa7769c71f8ab9266524f3562efa0f7c27c76588dbc8eb0390ceb4d7f275
-
SSDEEP
3072:41+MJKrUnFYY5z1i0Nmbi5fJBNUweout:gIrPj0NmWtN+oS
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Loads dropped DLL
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
1Disable or Modify Tools
1Modify Registry
2