General
Target: JaffaCakes118_45b32e06e7e635a70c559619c16874c0
Size: 159KB
Sample: 250101-d47z7atjhw
MD5: 45b32e06e7e635a70c559619c16874c0
SHA1: 86ba0c290331012bde04ebe071bbe24652d9d906
SHA256: 87e086c7b57703c50e97989baba2f17aad5243de2e2240bba2b6cc55d9e025e4
SHA512: ec21abff54a88d8cfc86adbe9585adc280e494f9c2f48f090eae618c81868dac5b69c969c867a4c5474a85a9f4df134641fdf39566f48964401997169e1340e4
SSDEEP: 3072:H5dnu0W5ZyYi+KpM6TWRrtGGF4mwNZ3JKggNcF2jqc+3z9TNuoVZYVGY:fnxIZhKp10FYKkMGc+3z9TDcYY
Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_45b32e06e7e635a70c559619c16874c0.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: JaffaCakes118_45b32e06e7e635a70c559619c16874c0.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
http://www.klkjwre9fqwieluoi.info/
http://kukutrustnet777888.info/
Targets
-
-
Target
JaffaCakes118_45b32e06e7e635a70c559619c16874c0
-
Modifies firewall policy service
-
Sality family
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Create or Modify System Process (1)
Windows Service (1)
Defense Evasion
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Impair Defenses (4)
Disable or Modify System Firewall (1)
Disable or Modify Tools (3)
Modify Registry (5)