Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
d5671add722cdca65ce15f29600eec47_JaffaCakes118
-
Size
232KB
-
Sample
240405-q3vppadf7x
-
MD5
d5671add722cdca65ce15f29600eec47
-
SHA1
bc417c926569205a12204446b966d72ca199e73c
-
SHA256
df112e32296232cbbee9e0da6b4d40659604b654de9f65500c97a7576c0a0060
-
SHA512
78be8ed94fd2e18280a9f8fa43b85569f98548901b7f924f9b49e72576b9cfbf4a34b8c74124381615549f940e2ac9f36f969cb142c8c9475dd665e42aecff65
-
SSDEEP
3072:h7//9yazxLySP4/LN/PCeSuwz2b4g3+40cLxucVyQU7g7a7/gt9+JzCTL8BbRSCc:hM3SPsZ/Pe2b/3EcLxuHF0mU9vA
Behavioral task
behavioral1
Sample
d5671add722cdca65ce15f29600eec47_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
d5671add722cdca65ce15f29600eec47_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
d5671add722cdca65ce15f29600eec47_JaffaCakes118
-
Size
232KB
-
MD5
d5671add722cdca65ce15f29600eec47
-
SHA1
bc417c926569205a12204446b966d72ca199e73c
-
SHA256
df112e32296232cbbee9e0da6b4d40659604b654de9f65500c97a7576c0a0060
-
SHA512
78be8ed94fd2e18280a9f8fa43b85569f98548901b7f924f9b49e72576b9cfbf4a34b8c74124381615549f940e2ac9f36f969cb142c8c9475dd665e42aecff65
-
SSDEEP
3072:h7//9yazxLySP4/LN/PCeSuwz2b4g3+40cLxucVyQU7g7a7/gt9+JzCTL8BbRSCc:hM3SPsZ/Pe2b/3EcLxuHF0mU9vA
Score8/10-
Drops file in Drivers directory
-
Manipulates Digital Signatures
Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-