General
Target: de2c7f0c6eefa78e777e1f1568e4da58_JaffaCakes118
Size: 124KB
Sample: 241210-xgff7synfl
MD5: de2c7f0c6eefa78e777e1f1568e4da58
SHA1: 64a60706f4723d2ec06f3699450fec69ac0ae64b
SHA256: a8eb3ab10cb14bed0b28ed85cb894f1ebec8c5bca9c12d9f2e0a493ee9c2085a
SHA512: 1aa2c1c4231ce42f52cb9b5cb351f1846d9484572f9a0e7789677073b14c779d779b6f9e336e992450135ccfdd91407d24ed7d70e40b8530aabade295d26f5df
SSDEEP: 1536:gReaUFFoHx8ZF0s0KFtEU4ZZJmBRZ1j0/PNJbesl31v7ihxrUmNm4JoPL:ShR8ZF5pEJZfmvZpGd97ihxrZFoPL
Static task: static1
Behavioral task: behavioral1
  Sample: de2c7f0c6eefa78e777e1f1568e4da58_JaffaCakes118.exe
  Resource: win7-20241010-en
Behavioral task: behavioral2
  Sample: de2c7f0c6eefa78e777e1f1568e4da58_JaffaCakes118.exe
  Resource: win10v2004-20241007-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target: de2c7f0c6eefa78e777e1f1568e4da58_JaffaCakes118
Modifies visibility of file extensions in Explorer
Sality family
Disables RegEdit via registry modification
Disables Task Manager via registry modification
Modifies Windows Firewall
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    Netsh Helper DLL (1)
Privilege Escalation
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    Netsh Helper DLL (1)
Defense Evasion
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Hide Artifacts (1)
    Hidden Files and Directories (1)
  Impair Defenses (4)
    Disable or Modify System Firewall (1)
    Disable or Modify Tools (3)
  Modify Registry (6)