Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
fa1f98dcf2716597118c4b5631c2779d_JaffaCakes118
-
Size
3.5MB
-
Sample
240927-k47sraxgrg
-
MD5
fa1f98dcf2716597118c4b5631c2779d
-
SHA1
416930b507b2f949dd970b8f706df756f9dee66a
-
SHA256
e62f391e03b142a6c43a755f8c7bdbe06d67cfc6366bf982e7c58caa18ed8e03
-
SHA512
7426a4c3f20f50677025526dd18fd2319a8360843147ca54f54649b544c923375a04213f5307889032b0249d73d48d2e1fa9e3c7fec0b23af95c64642db16be2
-
SSDEEP
24576:CNrA23g8jBbzxVewrO+4ILT27q2cqKHJKd+jePB/Q5z8Y/1iELi3AicfkfzVBEe:CVJjBbFVe2ODIX6qxMd/P2wN3Aic6
Static task
static1
Behavioral task
behavioral1
Sample
fa1f98dcf2716597118c4b5631c2779d_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
fa1f98dcf2716597118c4b5631c2779d_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
fa1f98dcf2716597118c4b5631c2779d_JaffaCakes118
-
Size
3.5MB
-
MD5
fa1f98dcf2716597118c4b5631c2779d
-
SHA1
416930b507b2f949dd970b8f706df756f9dee66a
-
SHA256
e62f391e03b142a6c43a755f8c7bdbe06d67cfc6366bf982e7c58caa18ed8e03
-
SHA512
7426a4c3f20f50677025526dd18fd2319a8360843147ca54f54649b544c923375a04213f5307889032b0249d73d48d2e1fa9e3c7fec0b23af95c64642db16be2
-
SSDEEP
24576:CNrA23g8jBbzxVewrO+4ILT27q2cqKHJKd+jePB/Q5z8Y/1iELi3AicfkfzVBEe:CVJjBbFVe2ODIX6qxMd/P2wN3Aic6
Score8/10-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Deletes itself
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Registry Run Keys / Startup Folder
1Privilege Escalation
Boot or Logon Autostart Execution
2Active Setup
1Registry Run Keys / Startup Folder
1