Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
fd3671d4c95e16cb11b38e2a8766462d_JaffaCakes118
-
Size
1.6MB
-
Sample
240928-1qpb9a1ala
-
MD5
fd3671d4c95e16cb11b38e2a8766462d
-
SHA1
29dc82d6597c8425eee00f2e8185b61a7395f948
-
SHA256
961b4c2ff40975c3ef62029c058e9261700f1d7e324bc752a7dda5ef57c2fad0
-
SHA512
ca3b636433e4591dfc5ebf01db9431367a7282ee8d2286109e969c536cf1b807f01182adbd79fe7139a4056a0aea69de8704bdbdccd14e9ca6e0acf116ea93cf
-
SSDEEP
24576:UuhaGeZJ8NI87eZJ8NI8DerQZb+md4wmqeZJ8NI87eZJ8NI8DerQZb+md4wmm:b28U8DerQZbd2v8U8DerQZbd2C
Static task
static1
Behavioral task
behavioral1
Sample
fd3671d4c95e16cb11b38e2a8766462d_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
fd3671d4c95e16cb11b38e2a8766462d_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
fd3671d4c95e16cb11b38e2a8766462d_JaffaCakes118
-
Size
1.6MB
-
MD5
fd3671d4c95e16cb11b38e2a8766462d
-
SHA1
29dc82d6597c8425eee00f2e8185b61a7395f948
-
SHA256
961b4c2ff40975c3ef62029c058e9261700f1d7e324bc752a7dda5ef57c2fad0
-
SHA512
ca3b636433e4591dfc5ebf01db9431367a7282ee8d2286109e969c536cf1b807f01182adbd79fe7139a4056a0aea69de8704bdbdccd14e9ca6e0acf116ea93cf
-
SSDEEP
24576:UuhaGeZJ8NI87eZJ8NI8DerQZb+md4wmqeZJ8NI87eZJ8NI8DerQZb+md4wmm:b28U8DerQZbd2v8U8DerQZbd2C
-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Image File Execution Options Injection
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Image File Execution Options Injection
1Defense Evasion
Hide Artifacts
2Hidden Files and Directories
2Indicator Removal
1File Deletion
1Modify Registry
1