General
-
Target
0f6a9323445648266b8eeb94b9a745a9_JaffaCakes118
-
Size
675KB
-
Sample
240503-ce7sfsed92
-
MD5
0f6a9323445648266b8eeb94b9a745a9
-
SHA1
6ab0c017ae1616d59064400713ae790849329041
-
SHA256
15a7c860882d3ce8c5e17bf3116d4b2d807fec295586bbbe00a8ccb83f2fb719
-
SHA512
4b741fe1569a3368179d9e6a1aa9c518d2012beb1ec2fe323d3802b08a7dfe1fa27a700d192bc8577bbddda99449dee99291fa5a0170d1b1b84a0cec0d80ceb7
-
SSDEEP
12288:vNxt2GCQZwqLIMRBeZHaElEZlBiZGXEtdrIsydYSYjXDwiYhT+63L:1xt2n6IQ2aEiriZUEtqr+ljXUiYF+63L
Static task
static1
Behavioral task
behavioral1
Sample
0f6a9323445648266b8eeb94b9a745a9_JaffaCakes118.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
0f6a9323445648266b8eeb94b9a745a9_JaffaCakes118.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
0f6a9323445648266b8eeb94b9a745a9_JaffaCakes118
-
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-