General
Target: 03087282bff4648494fad71faaf8176c_JaffaCakes118
Size: 1.1MB
Sample: 240427-mdc7kahb6w
MD5: 03087282bff4648494fad71faaf8176c
SHA1: 2c2db6864fbd030691de8fd66eec882b5f89ffc1
SHA256: 32b7fdc1308d2414383dc5cda0942e84bdc3072b5157f4175254bd064b21b802
SHA512: 0c7e03498869a8ec16411ff76a474cdc6161d38a287114b3ccfe8c0d086ac1b8519adaa0041fca919af7c4477f728b16315c353323bbeb0dea5dd1be8420017b
SSDEEP: 24576:hax2z+5P9W4bveC4KuEemOw8iz5GKRgB8V9Urv0Jf:Ex2z2VDbveC4KucT8yGKe872v0Jf
Static task: static1
Behavioral task: behavioral1
Sample: 03087282bff4648494fad71faaf8176c_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 03087282bff4648494fad71faaf8176c_JaffaCakes118.exe
Resource: win10v2004-20240419-en
Malware Config
Targets
Target: 03087282bff4648494fad71faaf8176c_JaffaCakes118
Score: 9/10

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Suspicious use of NtSetInformationThreadHideFromDebugger