General

  • Target

    067878c7aab927e5cb6c80cd3b9efbeb_JaffaCakes118

  • Size

    3KB

  • Sample

    241001-tmh8hascpe

  • MD5

    067878c7aab927e5cb6c80cd3b9efbeb

  • SHA1

    3d92de6374c8e51ae0cf3cc8639c5279e6704979

  • SHA256

    1de5d7603f63ad7c0bda41397d78cac2c4d121e4b340e2e8da7f253907b0a319

  • SHA512

    3e7bd7b2362e5f0e1b1355fad9f89f9bba76e9601877425491e480b58c5750ea29d65f9e930189247c11568c1d5fdd4a03122018ad77e15f62b0b5e9e2286fce

Targets

    • Modifies WinLogon for persistence

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
