General
Target: JaffaCakes118_8a98f9aaf6ba4f04ac5e6283a6a28ef4
Size: 276KB
Sample: 250328-mqwvfavvbw
MD5: 8a98f9aaf6ba4f04ac5e6283a6a28ef4
SHA1: 3bcf65109888331a70b6e186766dc60de91b17a0
SHA256: 48ed2f5100e2db6872011e85ba6b9bf45cf3d21c88e8753aea2c3f4557faf24a
SHA512: edd924889111dc2ca345025b95974444470ac020f933cda0f39a922aae8ecd521b9d28812a4e6eb616dbdfdeb3aea8fc30e993f05c4ce852ea094b149bb1d16b
SSDEEP: 1536:EZLMJ249icel/Z01/NBX4UDpegM3zwACUJGLqKmGZTlP2cG1o60cmzi24pAVNg6d:QAX0e1FB/DpKjCLGAwAVzfOqyb3g
Static task: static1
Behavioral task: behavioral1
  Sample: JaffaCakes118_8a98f9aaf6ba4f04ac5e6283a6a28ef4.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: JaffaCakes118_8a98f9aaf6ba4f04ac5e6283a6a28ef4.exe
  Resource: win10v2004-20250314-en
Targets
Score: 10/10
UAC bypass
Windows security bypass
Windows security modification
Checks whether UAC is enabled
Maps connected drives based on registry: Disk information is often read in order to detect sandboxing environments.
Suspicious use of SetThreadContext
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
Defense Evasion
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Impair Defenses (3)
    Disable or Modify Tools (3)
  Modify Registry (4)