General

  • Target

    45192e992528c5258bc4489af4c360b3_JaffaCakes118

  • Size

    875KB

  • Sample

    241015-bk3j9awcrh

  • MD5

    45192e992528c5258bc4489af4c360b3

  • SHA1

    6d04e024ccb25932f3a36916c792d0fa371f0321

  • SHA256

    a5522a608aa89f1099469db4c9d8cb7d4374f2c522a83982ef4ede428c03bb88

  • SHA512

    61b7ca09ad4f6ffa2e85d6588b22a11faa0ae27f077bb1808fe740ba47cb28b08fb55b2537935b0adf8d405ba21f263c56028ebdc9d116c5d3f4e10ddec331b5

  • SSDEEP

    12288:UYXuVnBVWuhsPLIMguUhF7Be+fWBU1JgM0IexqFcr6mxsdoM2IPm+sfjTk:srhA8Ro+YU1JPexpWssdoRI++sfjTk

Malware Config

Targets

    • Target

      45192e992528c5258bc4489af4c360b3_JaffaCakes118

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks