Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
165a4ffdc2704770eeef07e1e5146c94_JaffaCakes118
-
Size
220KB
-
Sample
241005-f8gpxasdkf
-
MD5
165a4ffdc2704770eeef07e1e5146c94
-
SHA1
db54b38dff50e311e8edb4653443ef4b38600f5d
-
SHA256
df39062472a59fb27f9951169229053a7cd2c49d1fe0bc1abe1d10548c44695d
-
SHA512
3c3786853e4ac4ae35f86c364bb8be4757961651b039b9b1a8630e25f53572c73c3012db1f07f335dbc3a2fd654bb58700138f527bf2631c7d7428dbc182afc1
-
SSDEEP
3072:yOkEXFtVI7huijzivefSjIeVXcJZn+ehHcNeBS1SNmiH3jDfRtoJpUCIwZ1ApqKw:fkEXFtV6ncxXcJZkNe6fQB2zUDw
Malware Config
Targets
-
-
Target
165a4ffdc2704770eeef07e1e5146c94_JaffaCakes118
-
Size
220KB
-
MD5
165a4ffdc2704770eeef07e1e5146c94
-
SHA1
db54b38dff50e311e8edb4653443ef4b38600f5d
-
SHA256
df39062472a59fb27f9951169229053a7cd2c49d1fe0bc1abe1d10548c44695d
-
SHA512
3c3786853e4ac4ae35f86c364bb8be4757961651b039b9b1a8630e25f53572c73c3012db1f07f335dbc3a2fd654bb58700138f527bf2631c7d7428dbc182afc1
-
SSDEEP
3072:yOkEXFtVI7huijzivefSjIeVXcJZn+ehHcNeBS1SNmiH3jDfRtoJpUCIwZ1ApqKw:fkEXFtV6ncxXcJZkNe6fQB2zUDw
Score8/10-
Creates new service(s)
-
Drops file in Drivers directory
-
Modifies Windows Firewall
-
Server Software Component: Terminal Services DLL
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Execution
Command and Scripting Interpreter
1System Services
1Service Execution
1Persistence
Create or Modify System Process
2Windows Service
2Event Triggered Execution
1Netsh Helper DLL
1Server Software Component
1Terminal Services DLL
1Privilege Escalation
Create or Modify System Process
2Windows Service
2Event Triggered Execution
1Netsh Helper DLL
1Defense Evasion
Impair Defenses
1Disable or Modify System Firewall
1Modify Registry
1