General
Target: 08d701fea25937c46ab1af409e3f22d4_JaffaCakes118
Size: 156KB
Sample: 240430-c4y7lsab84
MD5: 08d701fea25937c46ab1af409e3f22d4
SHA1: 9d09842741ef59901ca4855610569e08024f8605
SHA256: 326cfbda2969b2ab9c6f72480aa443cce112482bd1d5e354cb8c572fa9817d03
SHA512: 5e8ba97bdf5603ce47a4786646b12f0d81d4aa314f1762d6d4b71e7ead22e6c010964eb84f78a9ad3901ad26fdca697e890b1d252c23aa27c103f2e4383ab45e
SSDEEP: 768:G/5inm+cd5rHemPXkqUEphjVuvios1rPr4adL0NqlJMU60+ppQ1TTGfLx:GRsvcdcQjosnvnZ6LQ1Ex
Static task: static1
Behavioral task: behavioral1
  Sample: 08d701fea25937c46ab1af409e3f22d4_JaffaCakes118.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 08d701fea25937c46ab1af409e3f22d4_JaffaCakes118.exe
  Resource: win10v2004-20240419-en
Malware Config
Extracted
  Protocol: ftp
  Host: ftp.tripod.com
  Port: 21
  Username: griptoloji
  Password: 741852
Targets
Target: 08d701fea25937c46ab1af409e3f22d4_JaffaCakes118
Score: 10/10
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL