General
Target: e34f8f0f44553a2a900eb883ebd6e47b_JaffaCakes118
Size: 998KB
Sample: 240406-z67cbsbc2y
MD5: e34f8f0f44553a2a900eb883ebd6e47b
SHA1: ae248c0da65d58477e369f273ec9dfd430d6e68d
SHA256: 7b965745d195758847cde9e553793844848162faeaa782f71accd523c4e139af
SHA512: 3ddc41028cc54a556c60aedca903f560af1814ce2f76a61a4bc619aea4174e50c202978654f11a79ab501c13f5bf2ef6a3e83320f8a9f986cb0bb0ad760657a6
SSDEEP: 24576:IEgUJ+Lvx9d5+4xFBS5HhvoFQUmIjq+T0mmcSv:uW4OHVKmIOq4v
Behavioral task: behavioral1
Sample: e34f8f0f44553a2a900eb883ebd6e47b_JaffaCakes118.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: e34f8f0f44553a2a900eb883ebd6e47b_JaffaCakes118.exe
Resource: win10v2004-20240319-en
Malware Config
Targets
Target: e34f8f0f44553a2a900eb883ebd6e47b_JaffaCakes118
Score: 7/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Writes to the Master Boot Record (MBR): Bootkits write to the MBR to gain persistence at a level below the operating system.
Suspicious use of NtSetInformationThreadHideFromDebugger