Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

0413a4bb8e...18.exe

windows7-x64

7

0413a4bb8e...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0413a4bb8e532da06d001a3cd660675f_JaffaCakes118

  • Size

    806KB

  • Sample

    241001-c569lswgqk

  • MD5

    0413a4bb8e532da06d001a3cd660675f

  • SHA1

    c9c624619788cf0f2944a003770b8c8d18757e6a

  • SHA256

    6a94716648b6b9de0d42af03628d0578500bd1cdf063ce4ae55db5b0b92bc89a

  • SHA512

    110e60fdcf9537dfbe04e9d73fbbfadb28f2824a50bc5e76e9879fa663830e3629c0633becb9f34ea74e0f39ca2bac8e94b13e6f8735d00c4f1da5f8bd18d875

  • SSDEEP

    12288:BGBrhBXzUNXocDtm+IAvFno+kO9HOdhaxNJnLb6YE9e+jQLcJ:UBHzUnY+/F1kOZkha/ZyYE46nJ

Score
7/10
bootkitdiscoverypersistence

Malware Config

Targets

    • Target

      0413a4bb8e532da06d001a3cd660675f_JaffaCakes118

    • Size

      806KB

    • MD5

      0413a4bb8e532da06d001a3cd660675f

    • SHA1

      c9c624619788cf0f2944a003770b8c8d18757e6a

    • SHA256

      6a94716648b6b9de0d42af03628d0578500bd1cdf063ce4ae55db5b0b92bc89a

    • SHA512

      110e60fdcf9537dfbe04e9d73fbbfadb28f2824a50bc5e76e9879fa663830e3629c0633becb9f34ea74e0f39ca2bac8e94b13e6f8735d00c4f1da5f8bd18d875

    • SSDEEP

      12288:BGBrhBXzUNXocDtm+IAvFno+kO9HOdhaxNJnLb6YE9e+jQLcJ:UBHzUnY+/F1kOZkha/ZyYE46nJ

    Score
    7/10
    bootkitdiscoverypersistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks