Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

JaffaCakes...a8.exe

windows7-x64

3

JaffaCakes...a8.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_98202efc22c3b6bb6c22feb17d1edba8

  • Size

    39KB

  • Sample

    250204-zntcratkgp

  • MD5

    98202efc22c3b6bb6c22feb17d1edba8

  • SHA1

    b4f26d5c646acc6a879edfbadbfa23e50a7d8d1e

  • SHA256

    ca861fbd61f80e9eb9560e42aa302484c57e48b683996f3dfd50df6bd36689e8

  • SHA512

    6ab3cb58975267b9b6a85dbfccdb791bb7b64ba763cbb5dfdfd74926d108ac7a6c9c44865cedd373269843b5c2d015f0a273e352e11ff018b90d3cec2866f0ec

  • SSDEEP

    384:BJXf4EZcPaMwQnT/qSSMAIgyWEDk+qK5LM5k4HoP+ExX1Lyzu1B6bmhBnqCiQ3Tk:H7cCM1kK5OkhP1LyzScCLqgQp3

Score
8/10
discoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      JaffaCakes118_98202efc22c3b6bb6c22feb17d1edba8

    • Size

      39KB

    • MD5

      98202efc22c3b6bb6c22feb17d1edba8

    • SHA1

      b4f26d5c646acc6a879edfbadbfa23e50a7d8d1e

    • SHA256

      ca861fbd61f80e9eb9560e42aa302484c57e48b683996f3dfd50df6bd36689e8

    • SHA512

      6ab3cb58975267b9b6a85dbfccdb791bb7b64ba763cbb5dfdfd74926d108ac7a6c9c44865cedd373269843b5c2d015f0a273e352e11ff018b90d3cec2866f0ec

    • SSDEEP

      384:BJXf4EZcPaMwQnT/qSSMAIgyWEDk+qK5LM5k4HoP+ExX1Lyzu1B6bmhBnqCiQ3Tk:H7cCM1kK5OkhP1LyzScCLqgQp3

    Score
    8/10
    discoverypersistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks