Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2a9e9f6bcc018b4d34edcf5dd501046c_JaffaCakes118
-
Size
337KB
-
Sample
241009-esm2bayhrc
-
MD5
2a9e9f6bcc018b4d34edcf5dd501046c
-
SHA1
3b2e9cc7cc5319cfa0fd8a79d613fee7c3905754
-
SHA256
efb845eb4d7a4cf685ae80f194a653cd8e1bafff9735c86155209b6cf458322d
-
SHA512
f52687aa463266e8942c1e1411bc908ce451ed7c9b35dc028713778217eeb56ee7243f92a9223aa684d7edb1e20c8243a07e7ff9fd268c497c20a9d1e7612c76
-
SSDEEP
6144:0S+QH6yN8wfRe3q+2ZYbO2PY/eQanlrUJfnzCP/L2Si+gtsXYHuy4cT7/47R:eE6y66e3N272PYXZJePaSYtbuD7
Behavioral task
behavioral1
Sample
2a9e9f6bcc018b4d34edcf5dd501046c_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
2a9e9f6bcc018b4d34edcf5dd501046c_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
2a9e9f6bcc018b4d34edcf5dd501046c_JaffaCakes118
-
Size
337KB
-
MD5
2a9e9f6bcc018b4d34edcf5dd501046c
-
SHA1
3b2e9cc7cc5319cfa0fd8a79d613fee7c3905754
-
SHA256
efb845eb4d7a4cf685ae80f194a653cd8e1bafff9735c86155209b6cf458322d
-
SHA512
f52687aa463266e8942c1e1411bc908ce451ed7c9b35dc028713778217eeb56ee7243f92a9223aa684d7edb1e20c8243a07e7ff9fd268c497c20a9d1e7612c76
-
SSDEEP
6144:0S+QH6yN8wfRe3q+2ZYbO2PY/eQanlrUJfnzCP/L2Si+gtsXYHuy4cT7/47R:eE6y66e3N272PYXZJePaSYtbuD7
Score6/10-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry
1Pre-OS Boot
1Bootkit
1Subvert Trust Controls
1Install Root Certificate
1