Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
JaffaCakes118_66f492cdcc94f30af3215df19774e32b
-
Size
544KB
-
Sample
250311-yc1f9ask14
-
MD5
66f492cdcc94f30af3215df19774e32b
-
SHA1
b8b856be24a7d20ad3dcc56cbd6ef81c9bd06d7d
-
SHA256
018fab2a107547b2d5e106c1e3bc0fd5506a78f58e60b51e00da474052919b3c
-
SHA512
779ea2f2132f223af784bb2096d5eb2990d161c7c8ba0faf25889727d77fecef62632b79964cc293d4c6ff24d8f592818c0708c64a42c9dc75b66ce1bebfdae2
-
SSDEEP
12288:n9NuuoIGvwjMCTlekaNPRWPXA1mrahYJfuy:n9NLoTwjMElnOJW0mrhf
Malware Config
Targets
-
-
Target
JaffaCakes118_66f492cdcc94f30af3215df19774e32b
-
Size
544KB
-
MD5
66f492cdcc94f30af3215df19774e32b
-
SHA1
b8b856be24a7d20ad3dcc56cbd6ef81c9bd06d7d
-
SHA256
018fab2a107547b2d5e106c1e3bc0fd5506a78f58e60b51e00da474052919b3c
-
SHA512
779ea2f2132f223af784bb2096d5eb2990d161c7c8ba0faf25889727d77fecef62632b79964cc293d4c6ff24d8f592818c0708c64a42c9dc75b66ce1bebfdae2
-
SSDEEP
12288:n9NuuoIGvwjMCTlekaNPRWPXA1mrahYJfuy:n9NLoTwjMElnOJW0mrhf
Score10/10-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Active Setup
1Registry Run Keys / Startup Folder
2Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
3Active Setup
1Registry Run Keys / Startup Folder
2Create or Modify System Process
1Windows Service
1