Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    fb837949878bcbf0237d10f5a55d4596_JaffaCakes118

  • Size

    810KB

  • Sample

    240928-e717gsxcrp

  • MD5

    fb837949878bcbf0237d10f5a55d4596

  • SHA1

    49060f735a7315f31efb5854f6c7125a62c60ce6

  • SHA256

    e7facc5ee954bf8e62d3ecd2fd6291b8f4af5f22dedc733b4f30ba8be9419e4f

  • SHA512

    21d6ab7b748f452374f74cf99fb411595d0b7fa250daebf4385368c2aa3cf1d820f4a944f859d587030be828e1e651e035d233ce0a7943315ab6226420a80ccd

  • SSDEEP

    24576:qnkEo4+x2U0kqtlByj2yamCvF2SyiD9p0:KoJctG2oo2Syihp0

Malware Config

Targets

    • Target

      fb837949878bcbf0237d10f5a55d4596_JaffaCakes118

    • Size

      810KB

    • MD5

      fb837949878bcbf0237d10f5a55d4596

    • SHA1

      49060f735a7315f31efb5854f6c7125a62c60ce6

    • SHA256

      e7facc5ee954bf8e62d3ecd2fd6291b8f4af5f22dedc733b4f30ba8be9419e4f

    • SHA512

      21d6ab7b748f452374f74cf99fb411595d0b7fa250daebf4385368c2aa3cf1d820f4a944f859d587030be828e1e651e035d233ce0a7943315ab6226420a80ccd

    • SSDEEP

      24576:qnkEo4+x2U0kqtlByj2yamCvF2SyiD9p0:KoJctG2oo2Syihp0

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks