Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

JaffaCakes...1b.exe

windows7-x64

10

JaffaCakes...1b.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_1fdb11d4a9416a97920e7e9f1c66ce1b

  • Size

    420KB

  • Sample

    250223-k3lh5a1qan

  • MD5

    1fdb11d4a9416a97920e7e9f1c66ce1b

  • SHA1

    4e462898b2cb19f29ea1d4fc2ca53528448adbbd

  • SHA256

    076c7181c04fc8ca5ad8cea4744d995da3d6a8ff8bc85ffea83f58bb1d73511b

  • SHA512

    963cf6d66a123c5ae1c40824b87f327bd6240b2cbd39f3f08c2eab2d7170023c1627d003daf32d09b75e4ab7c20884a1c17657ad2266ca11c4a2ce934c055f34

  • SSDEEP

    6144:zK3HTNGVvHI2zBHng5HaVsbZgRnyR4mULJhkHM6jI7H1D7puVSG:23HcVvo21ga0aQ4HLJhkHM6jI7VD7wL

Score
10/10
blackshadesdefense_evasiondiscoverypersistence

Malware Config

Targets

    • Target

      JaffaCakes118_1fdb11d4a9416a97920e7e9f1c66ce1b

    • Size

      420KB

    • MD5

      1fdb11d4a9416a97920e7e9f1c66ce1b

    • SHA1

      4e462898b2cb19f29ea1d4fc2ca53528448adbbd

    • SHA256

      076c7181c04fc8ca5ad8cea4744d995da3d6a8ff8bc85ffea83f58bb1d73511b

    • SHA512

      963cf6d66a123c5ae1c40824b87f327bd6240b2cbd39f3f08c2eab2d7170023c1627d003daf32d09b75e4ab7c20884a1c17657ad2266ca11c4a2ce934c055f34

    • SSDEEP

      6144:zK3HTNGVvHI2zBHng5HaVsbZgRnyR4mULJhkHM6jI7H1D7puVSG:23HcVvo21ga0aQ4HLJhkHM6jI7VD7wL

    Score
    10/10
    defense_evasiondiscoverypersistence

    • Modifies firewall policy service

      defense_evasion

    • Adds policy Run key to start application

      persistence

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

      persistence

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks