General

  • Target

    05ec50d5b797ebadc39b80f1ba5b5c30_JaffaCakes118

  • Size

    329KB

  • Sample

    241001-qa7hsavcng

  • MD5

    05ec50d5b797ebadc39b80f1ba5b5c30

  • SHA1

    15017bc249b7ce9757c5629272d3c1548c290777

  • SHA256

    ea0c5fe5eb6f6c850a9f8364c5f9cb174c93ba9b3ee446d36a99a2a3ea1fff02

  • SHA512

    95f280e3267daad1cbab64eef4cb556326bb32865dc06f8bed69461d5e4b35e1bf96ae440779fbb8e668befe9014fba591de3d832230b4ded89a08e5b43920f3

  • SSDEEP

    6144:siMF/X479SEAanPSIv0FB5iSbGqJQjdSHV:sI79SE1lMFmS+dYV

Targets

    • Target

      05ec50d5b797ebadc39b80f1ba5b5c30_JaffaCakes118

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Executes dropped EXE

MITRE ATT&CK Enterprise v15
