General

  • Target

    eefde0896c38953d97338c9be9c989c5_JaffaCakes118

  • Size

    1.4MB

  • Sample

    240921-d3936atakb

  • MD5

    eefde0896c38953d97338c9be9c989c5

  • SHA1

    8f60fb6bb8d8f591d35f646fe8034bb1f25cc5c3

  • SHA256

    c66d52bcf29db1ff263f01381f2da1fdb0e582b69227a0f43de6ec251aac47b6

  • SHA512

    ebed225526cdebbe8a67077090bbf50c97016743d8c992e5797644776423d1fe84464686d2a9a5ea5e570a07eda712fca92e480f38b650a3db1f94225a7ac06b

  • SSDEEP

    24576:4d33RjEptwxaf4mqVlb2mn91c91PzdOUfoZgTVuxk1G9Pyed5iTKXUg5N:G33RjEptwxaf4mW91c91Pfo2TV0k1GZB

Malware Config

Targets

    • Target

      eefde0896c38953d97338c9be9c989c5_JaffaCakes118

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Suspicious use of SetThreadContext
