General
Target: f74d775faf7f38d45139c4d0a660bd83_JaffaCakes118
Size: 192KB
Sample: 240418-fhg8rach5x
MD5: f74d775faf7f38d45139c4d0a660bd83
SHA1: c98add460494e3a78ca45e48ad2f5b5b66ceae73
SHA256: c82d2589aba9589742206df7f8ae28c9304b2ae710a6afd2ef659ebb60b87fb9
SHA512: f4519249b92351da83ace16f3f12bea1b84d32a7134511b3a64d932d6a07cf4db3485d6b98330ac062f3bbfabe00d7d2576c30b14257a2e3a6fb5d5c4786cd8e
SSDEEP: 3072:+CjqBwkYv4MLAA8k96HM0XU+aDe5UEjmIlmijI7rUGimMpL2HTV+Jbzt8lvRyGt0:+vB5ML3n+aC1meyUGimMpL2z4FmRTqyY
Static task: static1
Behavioral task: behavioral1
Sample: f74d775faf7f38d45139c4d0a660bd83_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Targets
Target: f74d775faf7f38d45139c4d0a660bd83_JaffaCakes118
Size: 192KB
Score: 7/10

ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.

Loads dropped DLL

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.