General

  • Target

    5727807d7123d43e38692be3749e2422_JaffaCakes118

  • Size

    24KB

  • Sample

    241018-ne7m8stfmg

  • MD5

    5727807d7123d43e38692be3749e2422

  • SHA1

    0a541356e86fde7c7486889e1e852815f5a6b750

  • SHA256

    a8b3c12a3870c9c3aab2958e3fd52b72027d2293641aafe545f9c0ae219e3c3c

  • SHA512

    7a7d7d2d72b3676ee13b8c3c20f8072d3324c0dc985a88a2e54be611b6ac4c8e237cc56ac1d9daf9984f4d433e7735d3ffa7ee8a6380f111843dff530f59fc67

  • SSDEEP

    384:FdD9d6G4q6glPDFBIdHRhZ1KvuitlKN8uujOmkUzgIlk9JMD:FaaFYZ1gKN8dNk0gIyz2

Targets

    • Target

      5727807d7123d43e38692be3749e2422_JaffaCakes118

    • Modifies firewall policy service

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Drops file in System32 directory
