General
Target: e61bde0afbefc407b26689a41b4a7c22_JaffaCakes118
Size: 2.7MB
Sample: 240407-3frqqshh56
MD5: e61bde0afbefc407b26689a41b4a7c22
SHA1: 343b4a530a5f349ca08f541b677045ecbd3c7abf
SHA256: fc5aa4b23e552652ca8298ff21fac3f9674d22923186a08a5081f24cc9673c13
SHA512: bc8797ab447a581d63efa6f07a2fa2dbbbe2823d2bf1f166ca18d54008fb8fc1982b0cd729889f0b0c819219f284c72713b78e2e51002eae9290c2916505c336
SSDEEP: 49152:bTerQZbd20erQZbd20erQZbd20erQZbd20erQZbd21d:+rQZ6rQZ6rQZ6rQZ6rQZi
Static task: static1
Behavioral task: behavioral1
  Sample: e61bde0afbefc407b26689a41b4a7c22_JaffaCakes118.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: e61bde0afbefc407b26689a41b4a7c22_JaffaCakes118.exe
  Resource: win10v2004-20231215-en
Malware Config
Targets
Target: e61bde0afbefc407b26689a41b4a7c22_JaffaCakes118
Score: 10/10
Modifies visibility of file extensions in Explorer
Blocks application from running via registry modification
  Adds application to list of disallowed applications.
Sets file execution options in registry
Executes dropped EXE
Loads dropped DLL
Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
Drops file in System32 directory