Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
f51892f6d4ee376d5b2472d51e5a6729_JaffaCakes118
-
Size
494KB
-
Sample
240417-frl83afh91
-
MD5
f51892f6d4ee376d5b2472d51e5a6729
-
SHA1
e68bc433795b01e2844f70dabaf512a519daadcd
-
SHA256
11742b1b7437e34b15baafe3e44a7cf5a14d9b149ddb87499c42dd9fdbd5661a
-
SHA512
f878b9f065894e0fe6449c0c1ca7fee4f1aacebc8925067d4af053bd7af0972dbce9a47814d864387fad13d7dad60352596c9975a177a1111aa5e79f6f0ad92f
-
SSDEEP
12288:mnKfyxV2ImdvPGBFfi8WuJ6+1x0KCYT88VtX0n:WKfwV2HtPgFfN9/pD4
Static task
static1
Behavioral task
behavioral1
Sample
f51892f6d4ee376d5b2472d51e5a6729_JaffaCakes118.exe
Resource
win7-20240319-en
Behavioral task
behavioral2
Sample
f51892f6d4ee376d5b2472d51e5a6729_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
f51892f6d4ee376d5b2472d51e5a6729_JaffaCakes118
-
Size
494KB
-
MD5
f51892f6d4ee376d5b2472d51e5a6729
-
SHA1
e68bc433795b01e2844f70dabaf512a519daadcd
-
SHA256
11742b1b7437e34b15baafe3e44a7cf5a14d9b149ddb87499c42dd9fdbd5661a
-
SHA512
f878b9f065894e0fe6449c0c1ca7fee4f1aacebc8925067d4af053bd7af0972dbce9a47814d864387fad13d7dad60352596c9975a177a1111aa5e79f6f0ad92f
-
SSDEEP
12288:mnKfyxV2ImdvPGBFfi8WuJ6+1x0KCYT88VtX0n:WKfwV2HtPgFfN9/pD4
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-