General

  • Target

    fb60872057cc9341ab752b322d4144e0_JaffaCakes118

  • Size

    827KB

  • Sample

    240928-djatyswdpg

  • MD5

    fb60872057cc9341ab752b322d4144e0

  • SHA1

    b550b182cfff4a2ed386c2a5440193b99dc87900

  • SHA256

    071d666f43140d25469bbb45907e9d2776a5d4c251fe3fe69e20f8226dcbbaf1

  • SHA512

    20932a0dc2e6d9311b5d1e367998ae606abcdbe7765909fe95e30e5d2746acc0027e9f6927a1c307c70d0c3f8e693d41b4fef5aea74623d8cfd3c0bbcc6501a8

  • SSDEEP

    24576:NlI/wLoGBbA+1yuw8MtP6X/4JeNT2vGU8KK1A//p:NlI/woGBbA+ML8DXwJcTad8KF

Malware Config

Targets

    • Target

      fb60872057cc9341ab752b322d4144e0_JaffaCakes118

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled
