General
Target: 17bc6b2e8fa163cb9ca87c05f1246823_JaffaCakes118
Size: 671KB
Sample: 240505-p1d4gsad4t
MD5: 17bc6b2e8fa163cb9ca87c05f1246823
SHA1: e4bcf26f35ba0427ba15a1ab9294f72f9d84f793
SHA256: 06e1c2756b90f0495fe77b6263a59f0dcbe46900075e97b5be9ba49331f60766
SHA512: de91fd5a3d6b5606caadaef5d1f57b8519dcd3b131c23da87acbf9a6b2945d1256d77c50f0b8bfa73e9f49109d379b85752535c38e1db7b1a076d0bdbaadb31c
SSDEEP: 12288:SZJ7G1zskWtP44444ItPZkTKpPwHb/dgusOlMLSTQNirbCfrL6I:qJ7Uzj4yUo7Fdle8WIbCL6I
Static task: static1
Behavioral task: behavioral1
  Sample: 17bc6b2e8fa163cb9ca87c05f1246823_JaffaCakes118.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 17bc6b2e8fa163cb9ca87c05f1246823_JaffaCakes118.exe
  Resource: win10v2004-20240419-en
Malware Config
Targets
Target: 17bc6b2e8fa163cb9ca87c05f1246823_JaffaCakes118
Score: 9/10
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks computer location settings: looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Drops desktop.ini file(s)