General
Target: 2c32fd77b49e9b461502bd7b962b3958_JaffaCakes118
Size: 448KB
Sample: 240509-3aa6sscf8y
MD5: 2c32fd77b49e9b461502bd7b962b3958
SHA1: c1ac57ee5ff6d01ede7d6b23fd1b8521d01b77ec
SHA256: 2e3a530f6f30e32e7d982308747f0f9015c37e651939dc8e0982b38425e5cfa0
SHA512: e3beb16e77667c3f6014ca180151c03699e0a609100abb53e5012a86588eb3f3029c9e4be48b24d9d2fc945f8e61d33fc66d218649f5e5f87b6120891f297287
SSDEEP: 12288:dER6Wq4aaE6KwyF5L0Y2D1PqLoHPvCMaD:dEnthEVaPqLIPs
Static task: static1
Behavioral task: behavioral1
Sample: 2c32fd77b49e9b461502bd7b962b3958_JaffaCakes118.msi
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2c32fd77b49e9b461502bd7b962b3958_JaffaCakes118.msi
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: 2c32fd77b49e9b461502bd7b962b3958_JaffaCakes118
Score: 7/10

Adds Run key to start application

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

AutoIT Executable
AutoIT scripts compiled to PE executables.