General

  • Target

    7627029e251620ee363f3c6100dcd99e_JaffaCakes118

  • Size

    127KB

  • Sample

    241027-1xcxss1mdw

  • MD5

    7627029e251620ee363f3c6100dcd99e

  • SHA1

    4c3d4a98ce9451fbb44cdd6d66357da265685973

  • SHA256

    93b9fd7b36d34c4b28192092a7e2f50ea7421396bbf086ee63180aba63586e8f

  • SHA512

    8915ece12daef4083416e10a63eece2fd7dd5c73efa8a3e155b31c527043236e3fede75c3b0598ba74d468085233b49778be251dd01bf014437743ffa2e12544

  • SSDEEP

    3072:ekVD1BSqao9c3HwsanTdgyOxsP+f+uje:PSqjc3HsTaxoqhj

Targets

    • Target

      7627029e251620ee363f3c6100dcd99e_JaffaCakes118

    • Modifies firewall policy service

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

    • Ramnit family

    • Drops file in Drivers directory

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
