General
Target: 4308ae110df0f98b9e7581ec8ff67cd4_JaffaCakes118
Size: 1.0MB
Sample: 241014-tm14batdmg
MD5: 4308ae110df0f98b9e7581ec8ff67cd4
SHA1: 267bfe615418a8b0801f7b7bc6b99bb05c3aee72
SHA256: 9bed6455867b7b429afd81181ecf71f482333e173cd36a55e69bbace4f66d211
SHA512: 9d68ce56cde314e5590f287b3b6a3e73f60397bdb4f31472b2704d7bcc3aedcddc0a1eda620eb64c78d5c9af3ef9bea1c8c70ce0906a829f1a669e68b4e1e990
SSDEEP: 24576:1ztxCqDCMc6+wubUifEmaKz7hGTRSDl9GEMSyRwsWvkFj:LsTREiz7eR4l93kFj
Static task: static1
Behavioral task: behavioral1
Sample: 4308ae110df0f98b9e7581ec8ff67cd4_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 4308ae110df0f98b9e7581ec8ff67cd4_JaffaCakes118.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 4308ae110df0f98b9e7581ec8ff67cd4_JaffaCakes118
Score: 7/10
Adds Run key to start application
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Credential Access
  Credentials from Password Stores (1)
    Credentials from Web Browsers (1)
  Unsecured Credentials (1)
    Credentials In Files (1)