Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

5

JaffaCakes...02.exe

windows7-x64

7

JaffaCakes...02.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_8a71a0b8a6336577edb2f3b859731802

  • Size

    47KB

  • Sample

    250328-h7btdavnt6

  • MD5

    8a71a0b8a6336577edb2f3b859731802

  • SHA1

    b06f83ff23705515c1b0eda30c5758ce7939fda6

  • SHA256

    0054d197aa97e397e40a525f3cde7bdbc5dfa72c898b46f8a0b8778958bc664e

  • SHA512

    5c3f3e94d119dcc9a6b76f2f1748b0ca1e369f4fd00291f6c13a5bf9a44a3bae43ba62b34a70d1037da8734169578eec8a62ec16dd3f4235cf207dbe98af2fd0

  • SSDEEP

    768:ZcpEK+ykB87ri5m5G5aDBMo52bgWvo7B4fcZzNk0ACacXf1umuo6dnpXw5l/bjPW:ZS9667QmcxgWOBE0NacP1u1HXCbjPDzG

Score
7/10
bootkitdiscoverypersistenceupx

Malware Config

Targets

    • Target

      JaffaCakes118_8a71a0b8a6336577edb2f3b859731802

    • Size

      47KB

    • MD5

      8a71a0b8a6336577edb2f3b859731802

    • SHA1

      b06f83ff23705515c1b0eda30c5758ce7939fda6

    • SHA256

      0054d197aa97e397e40a525f3cde7bdbc5dfa72c898b46f8a0b8778958bc664e

    • SHA512

      5c3f3e94d119dcc9a6b76f2f1748b0ca1e369f4fd00291f6c13a5bf9a44a3bae43ba62b34a70d1037da8734169578eec8a62ec16dd3f4235cf207dbe98af2fd0

    • SSDEEP

      768:ZcpEK+ykB87ri5m5G5aDBMo52bgWvo7B4fcZzNk0ACacXf1umuo6dnpXw5l/bjPW:ZS9667QmcxgWOBE0NacP1u1HXCbjPDzG

    Score
    7/10
    bootkitdiscoverypersistenceupx

    • Deletes itself

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks