General
Target: efcf353a31dae61120cca73be3e40fa9_JaffaCakes118
Size: 242KB
Sample: 240921-ptf99ssgkr
MD5: efcf353a31dae61120cca73be3e40fa9
SHA1: 85d8b0ba8d584051ad14dffb6e44db49acf8f4cd
SHA256: f4b3d2c1ca6bdb2e4778c08edde3defaa97eea1bf8e72a96a6854767637c2c1d
SHA512: bf2f7376388e54df50306639e823aa075d2d5e262961604449159a29c1a4ef9759935ee0966d11c1c4514bd2040c3f860350164a2d829e7b27814b7c345ed20f
SSDEEP: 6144:9keENDvTSn2SV/GuhYdViC7X57+nMusvFgWFGw:9NEND/k/GLPX57+nfsvFBFGw
Behavioral task: behavioral1
Sample: efcf353a31dae61120cca73be3e40fa9_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: efcf353a31dae61120cca73be3e40fa9_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: efcf353a31dae61120cca73be3e40fa9_JaffaCakes118
Score: 7/10

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry: 1
Pre-OS Boot: 1
Bootkit: 1
Subvert Trust Controls: 1
Install Root Certificate: 1