Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
004f988ee75cdf3645c9aacca8491394_JaffaCakes118
-
Size
244KB
-
Sample
240930-jzv3qatgrk
-
MD5
004f988ee75cdf3645c9aacca8491394
-
SHA1
72a30959efda90cc16066d22956fa8e0d8c68663
-
SHA256
96abd574a8373707ea1c43da227c8929a03a895bab137d3eefd84aba73049850
-
SHA512
13a59b0419edae90b761c6b8ae3937b1dacaa81247e71bda98e0fb55c8b6e48eb51c4eb6a0c6d2a900ad4baceaae39ec40fd734fcd8f10d9cd621bdd4dc64793
-
SSDEEP
6144:AAg79NB/xnVHw514ITyQWAbqab1byetkefrh:WfQDRcNs1tkefF
Static task
static1
Behavioral task
behavioral1
Sample
004f988ee75cdf3645c9aacca8491394_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
004f988ee75cdf3645c9aacca8491394_JaffaCakes118.exe
Resource
win10v2004-20240910-en
Malware Config
Targets
-
-
Target
004f988ee75cdf3645c9aacca8491394_JaffaCakes118
-
Size
244KB
-
MD5
004f988ee75cdf3645c9aacca8491394
-
SHA1
72a30959efda90cc16066d22956fa8e0d8c68663
-
SHA256
96abd574a8373707ea1c43da227c8929a03a895bab137d3eefd84aba73049850
-
SHA512
13a59b0419edae90b761c6b8ae3937b1dacaa81247e71bda98e0fb55c8b6e48eb51c4eb6a0c6d2a900ad4baceaae39ec40fd734fcd8f10d9cd621bdd4dc64793
-
SSDEEP
6144:AAg79NB/xnVHw514ITyQWAbqab1byetkefrh:WfQDRcNs1tkefF
Score8/10-
Manipulates Digital Signatures
Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Modify Registry
2Subvert Trust Controls
1SIP and Trust Provider Hijacking
1