Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
5727807d7123d43e38692be3749e2422_JaffaCakes118
-
Size
24KB
-
Sample
241018-ne7m8stfmg
-
MD5
5727807d7123d43e38692be3749e2422
-
SHA1
0a541356e86fde7c7486889e1e852815f5a6b750
-
SHA256
a8b3c12a3870c9c3aab2958e3fd52b72027d2293641aafe545f9c0ae219e3c3c
-
SHA512
7a7d7d2d72b3676ee13b8c3c20f8072d3324c0dc985a88a2e54be611b6ac4c8e237cc56ac1d9daf9984f4d433e7735d3ffa7ee8a6380f111843dff530f59fc67
-
SSDEEP
384:FdD9d6G4q6glPDFBIdHRhZ1KvuitlKN8uujOmkUzgIlk9JMD:FaaFYZ1gKN8dNk0gIyz2
Static task
static1
Behavioral task
behavioral1
Sample
5727807d7123d43e38692be3749e2422_JaffaCakes118.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
5727807d7123d43e38692be3749e2422_JaffaCakes118.dll
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
5727807d7123d43e38692be3749e2422_JaffaCakes118
-
Size
24KB
-
MD5
5727807d7123d43e38692be3749e2422
-
SHA1
0a541356e86fde7c7486889e1e852815f5a6b750
-
SHA256
a8b3c12a3870c9c3aab2958e3fd52b72027d2293641aafe545f9c0ae219e3c3c
-
SHA512
7a7d7d2d72b3676ee13b8c3c20f8072d3324c0dc985a88a2e54be611b6ac4c8e237cc56ac1d9daf9984f4d433e7735d3ffa7ee8a6380f111843dff530f59fc67
-
SSDEEP
384:FdD9d6G4q6glPDFBIdHRhZ1KvuitlKN8uujOmkUzgIlk9JMD:FaaFYZ1gKN8dNk0gIyz2
Score10/10-
Modifies firewall policy service
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1AppInit DLLs
1