Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

5

JaffaCakes...91.exe

windows7-x64

6

JaffaCakes...91.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_c3d1e64feac17bd5d7542027d8183f91

  • Size

    338KB

  • Sample

    250208-rb4zqayndt

  • MD5

    c3d1e64feac17bd5d7542027d8183f91

  • SHA1

    7fa08febf664d123a8adcaeb4bbefe4aab1b4606

  • SHA256

    be5cb1787f55a8ebc28820e7d5d1ad512a6ffa6548de372bb8e787592c7dbbf7

  • SHA512

    7e5e4478cd378f6cbb3fc30dd8db547352f6dda28e4999ec18b5e57bae2bad9bc755d3aa2b3141a982307535eaeb6ee09c76d3b78066a3ad96462d4707c64626

  • SSDEEP

    6144:8A5wVdCy6wrbDY0rDqTWC4zEDzKuTrSbxc97cnafgSPJkeZxMTX5KYnNQuKsT:8jyy64VrDqTWIzW+9YsZJrxOFNT

Score
8/10
bootkitdiscoverypersistenceupx

Malware Config

Targets

    • Target

      JaffaCakes118_c3d1e64feac17bd5d7542027d8183f91

    • Size

      338KB

    • MD5

      c3d1e64feac17bd5d7542027d8183f91

    • SHA1

      7fa08febf664d123a8adcaeb4bbefe4aab1b4606

    • SHA256

      be5cb1787f55a8ebc28820e7d5d1ad512a6ffa6548de372bb8e787592c7dbbf7

    • SHA512

      7e5e4478cd378f6cbb3fc30dd8db547352f6dda28e4999ec18b5e57bae2bad9bc755d3aa2b3141a982307535eaeb6ee09c76d3b78066a3ad96462d4707c64626

    • SSDEEP

      6144:8A5wVdCy6wrbDY0rDqTWC4zEDzKuTrSbxc97cnafgSPJkeZxMTX5KYnNQuKsT:8jyy64VrDqTWIzW+9YsZJrxOFNT

    Score
    8/10
    bootkitdiscoverypersistenceupx

    • Downloads MZ/PE file

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks