General

  • Target

    eba29d7c748c07c33334aeb39f1bfe0e_JaffaCakes118

  • Size

    1.9MB

  • Sample

    240919-symjmawfpn

  • MD5

    eba29d7c748c07c33334aeb39f1bfe0e

  • SHA1

    c1dea7399bbc1ce4269bcd95cfe74d096b342392

  • SHA256

    10bc207a49c42553abfdaf6bad13228ed662c38de58a8132c3c7155f7319163b

  • SHA512

    d43c44575afa3d60f836df6d2a2271c06ace31ebf2a38f81572b8948b021c9c11ab3dd4efa377c3801410f52a77c016fc4a34f83e0c1550d75e548984a54d0d9

  • SSDEEP

    12288:4vO2jCbhwdKLPYs0E55JJ5PsLk1rmiUpXwN0PxNBxliM5MPSx/B6zc:emYsL55heZd5PiMsSx/B6zc

Score
10/10

Targets

    • Target

      eba29d7c748c07c33334aeb39f1bfe0e_JaffaCakes118

    • Modifies WinLogon for persistence

    • Adds policy Run key to start application

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies WinLogon

    • Network Share Discovery

      Attempt to gather information on host network.

    • Drops file in System32 directory
