Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
fb837949878bcbf0237d10f5a55d4596_JaffaCakes118
-
Size
810KB
-
Sample
240928-e717gsxcrp
-
MD5
fb837949878bcbf0237d10f5a55d4596
-
SHA1
49060f735a7315f31efb5854f6c7125a62c60ce6
-
SHA256
e7facc5ee954bf8e62d3ecd2fd6291b8f4af5f22dedc733b4f30ba8be9419e4f
-
SHA512
21d6ab7b748f452374f74cf99fb411595d0b7fa250daebf4385368c2aa3cf1d820f4a944f859d587030be828e1e651e035d233ce0a7943315ab6226420a80ccd
-
SSDEEP
24576:qnkEo4+x2U0kqtlByj2yamCvF2SyiD9p0:KoJctG2oo2Syihp0
Malware Config
Targets
-
-
Target
fb837949878bcbf0237d10f5a55d4596_JaffaCakes118
-
Size
810KB
-
MD5
fb837949878bcbf0237d10f5a55d4596
-
SHA1
49060f735a7315f31efb5854f6c7125a62c60ce6
-
SHA256
e7facc5ee954bf8e62d3ecd2fd6291b8f4af5f22dedc733b4f30ba8be9419e4f
-
SHA512
21d6ab7b748f452374f74cf99fb411595d0b7fa250daebf4385368c2aa3cf1d820f4a944f859d587030be828e1e651e035d233ce0a7943315ab6226420a80ccd
-
SSDEEP
24576:qnkEo4+x2U0kqtlByj2yamCvF2SyiD9p0:KoJctG2oo2Syihp0
Score7/10-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-