Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
29fe2c949b974249d80eb4bef2cddebc_JaffaCakes118
-
Size
7.9MB
-
Sample
240329-xhdn1afc6z
-
MD5
29fe2c949b974249d80eb4bef2cddebc
-
SHA1
d4bdbbc3a9f0cc9a01ea05019532a064f12653ca
-
SHA256
151274aeb9c0cc6a0f441c7a42f4ab5c2b58574989e499deabba4cdf35961543
-
SHA512
f0893fe54b2d1f23e8d135bb0a1e0dfe7d6e8d5665780ba56c87768a51d46ab8aeea7bd96656bc1acca9dcc20be4b58078cc98ab8ff80a837adc14df4f19d99f
-
SSDEEP
196608:8Lazg7DSmLazg7DSmLazg7DSmLazg7DSN:rg7uRg7uRg7uRg7uN
Static task
static1
Behavioral task
behavioral1
Sample
29fe2c949b974249d80eb4bef2cddebc_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
29fe2c949b974249d80eb4bef2cddebc_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
29fe2c949b974249d80eb4bef2cddebc_JaffaCakes118
-
Size
7.9MB
-
MD5
29fe2c949b974249d80eb4bef2cddebc
-
SHA1
d4bdbbc3a9f0cc9a01ea05019532a064f12653ca
-
SHA256
151274aeb9c0cc6a0f441c7a42f4ab5c2b58574989e499deabba4cdf35961543
-
SHA512
f0893fe54b2d1f23e8d135bb0a1e0dfe7d6e8d5665780ba56c87768a51d46ab8aeea7bd96656bc1acca9dcc20be4b58078cc98ab8ff80a837adc14df4f19d99f
-
SSDEEP
196608:8Lazg7DSmLazg7DSmLazg7DSmLazg7DSN:rg7uRg7uRg7uRg7uN
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-