Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
1caae598f7385ec3a7480a7dfb9e059a_JaffaCakes118
-
Size
3.6MB
-
Sample
240329-jpdqpadd78
-
MD5
1caae598f7385ec3a7480a7dfb9e059a
-
SHA1
236545e3b19703c942caee2d380b8f475b34b29f
-
SHA256
15dbec53eec39a12947a6e575d5b722aeff28a0d5ae5529c20d5995f8a02c8d2
-
SHA512
62392b4ad9b7b6cb77d11e60d8f7d0c80653aec4c469f557ac207e0b1f7df55432b779b87fe5ae8350d03c54daf238fafa80bf12f6f29c2561433a594bbf2209
-
SSDEEP
98304:ABQPJ7Id7A6gp7b0wWxCqmLDux+9y+g5Ld43zM7xLGhGJ:ABQPJ7+7ATp7b1WxrmXu+yI3zM7RGIJ
Behavioral task
behavioral1
Sample
1caae598f7385ec3a7480a7dfb9e059a_JaffaCakes118.exe
Resource
win7-20240215-en
Malware Config
Targets
-
-
Target
1caae598f7385ec3a7480a7dfb9e059a_JaffaCakes118
-
Size
3.6MB
-
MD5
1caae598f7385ec3a7480a7dfb9e059a
-
SHA1
236545e3b19703c942caee2d380b8f475b34b29f
-
SHA256
15dbec53eec39a12947a6e575d5b722aeff28a0d5ae5529c20d5995f8a02c8d2
-
SHA512
62392b4ad9b7b6cb77d11e60d8f7d0c80653aec4c469f557ac207e0b1f7df55432b779b87fe5ae8350d03c54daf238fafa80bf12f6f29c2561433a594bbf2209
-
SSDEEP
98304:ABQPJ7Id7A6gp7b0wWxCqmLDux+9y+g5Ld43zM7xLGhGJ:ABQPJ7+7ATp7b1WxrmXu+yI3zM7RGIJ
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-