General
Target: 1754ebe931873594934fbd55d8e15cd4_JaffaCakes118
Size: 1009KB
Sample: 241005-mmqt1svamd
MD5: 1754ebe931873594934fbd55d8e15cd4
SHA1: 35d58f622de6e7c78b4d67d808c4991289be9563
SHA256: af724128d5b20f4666ecea3704f295c8bc54d27fca3acf4bba5b9b0c1536eb72
SHA512: c231b8aece66aa3827de2b2a9766b215e0f82f8f8a907347c4054901b54329e69c41c43f428e76d396f163a82a484b7fef3c9935cdf67e7e3c94ba8f03657207
SSDEEP: 24576:LNq3ncd5GZ9a1mQJ8U1jjQX5pDnUfvFJtCrPl+tEFfDi:JsncvCZg8MfQX5JUfSUtEFfG
Static task: static1
Behavioral task: behavioral1
  Sample: 1754ebe931873594934fbd55d8e15cd4_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 1754ebe931873594934fbd55d8e15cd4_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 1754ebe931873594934fbd55d8e15cd4_JaffaCakes118
Score: 7/10
Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
Executes dropped EXE
Loads dropped DLL
Modifies system executable filetype association
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
MITRE ATT&CK Enterprise v15
Persistence
  Event Triggered Execution (2)
    Change Default File Association (1)
    Component Object Model Hijacking (1)
Privilege Escalation
  Event Triggered Execution (2)
    Change Default File Association (1)
    Component Object Model Hijacking (1)