General

  • Target

    05e1a2d1c8f499961d117b0151aa9b57_JaffaCakes118

  • Size

    154KB

  • Sample

    241001-p3bfdathlc

  • MD5

    05e1a2d1c8f499961d117b0151aa9b57

  • SHA1

    efba452f343aef7d9f14e7643c63c5318845a66b

  • SHA256

    f50de6cc6268c75f0273dc806eeca20389dc6ebfc0de5e821e408f27d2620f40

  • SHA512

    94ff0a69c57a77a358bf06d98e824852946dba18715e5125b156860bc7c947206560b2ace60cbefcc79cb74d3411a5c49808902fe89efa932c12f392bcd0c4eb

  • SSDEEP

    3072:WHUkV92apgkgawkuF9I1doR9AQf1b7BnXoRnGZej2KHRH+lVMYqdl8Sx:Wt72MVganII1doHv1FXoYZ/SHUwdN

Targets

    • Manipulates Digital Signatures

      Attackers can use techniques such as changing the Authenticode and Cryptography registry keys to make their binary appear validly signed.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

MITRE ATT&CK Enterprise v15