General
Target: 2102a18ff6cba85e69ae35b634f39be0_JaffaCakes118
Size: 538KB
Sample: 240507-tkjq9age36
MD5: 2102a18ff6cba85e69ae35b634f39be0
SHA1: 98aad628983d486d3922bf5804aaceb2bd6c6bb1
SHA256: 36ea9326d29c2f86a66a6dc1e878165c1239262493939b54dd27fd2eba05d0b4
SHA512: 59942455cee01061e8542258e2f7264b66f2a24aa6cd23187011c7979a608cc09ee19150c7a4dcf987e80f90c77d1ee61e4420fb979b47616a58b3522bb14edb
SSDEEP: 12288:6Yhcq8xzZTkQ4DDfO+lDp5QBooT3oDznHbUl0il67L5:BhcTZTaDfXNQCrPbGa/5
Static task: static1
Behavioral task: behavioral1
Sample: 2102a18ff6cba85e69ae35b634f39be0_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2102a18ff6cba85e69ae35b634f39be0_JaffaCakes118.exe
Resource: win10v2004-20240419-en
Malware Config
Targets
Target: 2102a18ff6cba85e69ae35b634f39be0_JaffaCakes118
Score: 9/10
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks computer location settings
    Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Drops desktop.ini file(s)