Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Overview
overview
7Static
static
3041b79a3c1...18.exe
windows7-x64
7041b79a3c1...18.exe
windows10-2004-x64
7$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDIR/ngz.dll
windows7-x64
3$PLUGINSDIR/ngz.dll
windows10-2004-x64
3$PLUGINSDI...nz.dll
windows7-x64
3$PLUGINSDI...nz.dll
windows10-2004-x64
3General
-
Target
041b79a3c1c08bf01f4dc2aab6099c6c_JaffaCakes118
-
Size
606KB
-
Sample
240428-b8zhhade55
-
MD5
041b79a3c1c08bf01f4dc2aab6099c6c
-
SHA1
86dca132b50bbd9aab9995172f1b993b72098f51
-
SHA256
df82eb852e747c09c4f345ef2726bd4b0f1f262be3a2527401250ff9597343fe
-
SHA512
4b4c33dc8d3a782c83d17ecc4ddafc31652a3e6926dc805dc37287cf10fc0090df4a95b4b5ce1e9c54dc0e824fae719194a8b35ee8ac10ee191ca2770ebcd7ba
-
SSDEEP
12288:BE8AJKp5g33X2nwRNmXMU0fj6or3RXqBxAMUQ6TcRbp2uQ1q:BE/JKvg3WwRNeAfj6upqBx5U2RN2uL
Static task
static1
Behavioral task
behavioral1
Sample
041b79a3c1c08bf01f4dc2aab6099c6c_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
041b79a3c1c08bf01f4dc2aab6099c6c_JaffaCakes118.exe
Resource
win10v2004-20240419-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240419-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/ngz.dll
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/ngz.dll
Resource
win10v2004-20240419-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/nsisunz.dll
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/nsisunz.dll
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
041b79a3c1c08bf01f4dc2aab6099c6c_JaffaCakes118
-
Size
606KB
-
MD5
041b79a3c1c08bf01f4dc2aab6099c6c
-
SHA1
86dca132b50bbd9aab9995172f1b993b72098f51
-
SHA256
df82eb852e747c09c4f345ef2726bd4b0f1f262be3a2527401250ff9597343fe
-
SHA512
4b4c33dc8d3a782c83d17ecc4ddafc31652a3e6926dc805dc37287cf10fc0090df4a95b4b5ce1e9c54dc0e824fae719194a8b35ee8ac10ee191ca2770ebcd7ba
-
SSDEEP
12288:BE8AJKp5g33X2nwRNmXMU0fj6or3RXqBxAMUQ6TcRbp2uQ1q:BE/JKvg3WwRNeAfj6upqBx5U2RN2uL
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
c17103ae9072a06da581dec998343fc1
-
SHA1
b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
-
SHA256
dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
-
SHA512
d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
-
SSDEEP
192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score3/10 -
-
-
Target
$PLUGINSDIR/ngz.dll
-
Size
125KB
-
MD5
1dca01412e8bef71651216a3231e0d5f
-
SHA1
94ad7b7582b7609364c6986f0b880bdd6b3cdc12
-
SHA256
6319d5341868ce224bbe0c370fbc40db6e94d41dac63aab35ddce06a584611e6
-
SHA512
17369282387096e6196ee8851f5704a213761b6ffc2a7b3dcb8a956839a75c3579cf3237619c11ca9a59b77c866095337930566703cb1b34b4842dd5200e92c5
-
SSDEEP
1536:FbeXAFfcRpuya6j6/knTW2E9tp54Z8G6MEmfJzha1FSR8r4Zvn0BaOJvDkpPJXFt:71Ixj6FaFLfTEz4ZePkpPDuDuXX
Score3/10 -
-
-
Target
$PLUGINSDIR/nsisunz.dll
-
Size
40KB
-
MD5
5f13dbc378792f23e598079fc1e4422b
-
SHA1
5813c05802f15930aa860b8363af2b58426c8adf
-
SHA256
6e87ecb7f62039fbb6e7676422d1a5e75a32b90dde6865dcb68ee658ba8df61d
-
SHA512
9270635a5294482f49e0292e26d45dd103b85fe27dc163d44531b095c5f9dbde6b904adaf1a888ba3c112a094380394713c796f5195b2566a20f00b42b6578e5
-
SSDEEP
384:KExN66Yf2xL5Q4IsjuUjUZfqRDpImexpf88FwHxXvjX3hwlHt6oIfESxSHoOO8n9:O2x64GcVpI3xC8ynToIf1SIOhW4
Score3/10 -