General
Target: f9aab14e37f6e33567dd2c1c6f6bae7e_JaffaCakes118
Size: 515KB
Sample: 240927-ejvd2axbrf
MD5: f9aab14e37f6e33567dd2c1c6f6bae7e
SHA1: b1c7542514c544ab54aed7375e9d81c2e0dbe030
SHA256: d64cb2fde11524531b58f22b084bba16667dea12708824b37a883192dd746c05
SHA512: 8d0658c606a3ea122b1d858ab951a26ffa3685c3808bb77bd670d10d8c9da8fb51acb2e15d747fc3ff95def3b07006863b8fe95796db5f28941910d737b4da66
SSDEEP: 384:7dD9d6G4KwTrzMULh+HdlEWl5pKsYamGT9sPjM4KMjR/OELczXtrxvJlwj+:7rkXMULml5p7j9swWR/zcXtNvJh
Static task: static1
Behavioral task: behavioral1
Sample: f9aab14e37f6e33567dd2c1c6f6bae7e_JaffaCakes118.dll
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: f9aab14e37f6e33567dd2c1c6f6bae7e_JaffaCakes118.dll
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: f9aab14e37f6e33567dd2c1c6f6bae7e_JaffaCakes118
Size: 515KB
Score: 10/10
Modifies firewall policy service
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    AppInit DLLs (1)
Privilege Escalation
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    AppInit DLLs (1)