General

  • Target

    04dd3d1868e0bd4f897be6e32bcb61c0_JaffaCakes118

  • Size

    184KB

  • Sample

    241001-jb41qaxfpp

  • MD5

    04dd3d1868e0bd4f897be6e32bcb61c0

  • SHA1

    9a4128edf3bdf22714b36677057b5da28c8c4ff7

  • SHA256

    f8b4e117d6b8476271dfdfe0e29740f7b61401125dfbf169b5d2a35017f7e035

  • SHA512

    b9e703174be246e61b116e9f6fe2017e1a87be36169490e7a262e5008c2226bb0d7ca9ff2c2df33ac038da4934a17acc7a9268abea8019088e2faf093cb9f914

  • SSDEEP

    3072:GWkWRM0We9kVF3GezUroWlBCtCmCdXC1D1NGW1l111111111111111111111111Z:GWkWXV9wUezUroW+tCmCCfNGS

Targets

    • Target

      04dd3d1868e0bd4f897be6e32bcb61c0_JaffaCakes118

    • Modifies WinLogon for persistence

    • Modifies visibility of hidden/system files in Explorer

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
