General

  • Target

    ef5f42659bfa48d7896fe04434a2c7ca_JaffaCakes118

  • Size

    192KB

  • Sample

    240921-jxan1asdjr

  • MD5

    ef5f42659bfa48d7896fe04434a2c7ca

  • SHA1

    55515f10c8205c7a88ea972653328a9841e6704d

  • SHA256

    380fa37adcda144ee6c59ec251b976074fd8b7c48380df72ffa8769ea13f600f

  • SHA512

    c68408431521a930c24c4123328b8e0c6f9d19da7474ffeaa3a36f66ec90b4d1b1feb814035acd2455e3fff09f8fbcc028665c2ed79735fb19a929be780c3d34

  • SSDEEP

    3072:YpbtC5W7S8BFsPolqmDOn542beDNLbD8BpPq32:T5W7S8BGWqkxl4D

Malware Config

Targets

    • Target

      ef5f42659bfa48d7896fe04434a2c7ca_JaffaCakes118

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
