General
Target: 315d8dc501e042bd528ece9a79447606_JaffaCakes118
Size: 227KB
Sample: 240510-2gf5ysgd37
MD5: 315d8dc501e042bd528ece9a79447606
SHA1: a6e6b4adf6e7e43765ddad00d42db315bbfc2d49
SHA256: b9df272c2e6a4c4c0f09b61eb770648403c8f736ee513e0e8910a19f5bbad5f8
SHA512: 1f1f433c3f1c0bfe3b037cf7382224d1fc6ee75d5c89d5e7fe3aa3745121147165457dd7bc52242c5e1f792cf77d9b03bbef01a21a57beda9bb3cb77d3896131
SSDEEP: 6144:GsaocyLC0S8EKwcqLBpU3nofCqUajOBjypw:GtobzrEKZW9p6Vgw

Static task: static1

Behavioral task: behavioral1
Sample: 315d8dc501e042bd528ece9a79447606_JaffaCakes118.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: 315d8dc501e042bd528ece9a79447606_JaffaCakes118.exe
Resource: win10v2004-20240426-en

Behavioral task: behavioral3
Sample: $PLUGINSDIR/install.exe
Resource: win7-20240221-en

Behavioral task: behavioral4
Sample: $PLUGINSDIR/install.exe
Resource: win10v2004-20240508-en

Behavioral task: behavioral5
Sample: $PLUGINSDIR/nsExec.dll
Resource: win7-20240221-en

Behavioral task: behavioral6
Sample: $PLUGINSDIR/nsExec.dll
Resource: win10v2004-20240426-en

Malware Config
Targets

Target: 315d8dc501e042bd528ece9a79447606_JaffaCakes118
Size: 227KB
MD5: 315d8dc501e042bd528ece9a79447606
SHA1: a6e6b4adf6e7e43765ddad00d42db315bbfc2d49
SHA256: b9df272c2e6a4c4c0f09b61eb770648403c8f736ee513e0e8910a19f5bbad5f8
SHA512: 1f1f433c3f1c0bfe3b037cf7382224d1fc6ee75d5c89d5e7fe3aa3745121147165457dd7bc52242c5e1f792cf77d9b03bbef01a21a57beda9bb3cb77d3896131
SSDEEP: 6144:GsaocyLC0S8EKwcqLBpU3nofCqUajOBjypw:GtobzrEKZW9p6Vgw
Score: 7/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Drops desktop.ini file(s)

Target: $PLUGINSDIR/install.exe
Size: 173KB
MD5: 2e6b916342ce1c8916ed73cd052c05f8
SHA1: dc7cc05b9f016eaa582e7f459f071f4b9e24ba33
SHA256: 3d4585ba554410428b9d1fcbd35ba22093f295516d47964f3ad5c5f72f21613b
SHA512: 4915b315893cce26a7b3246f8a994c1ede4f4c26bf6f1b0d1aeaa40254b9152f79451720d6de3b8c30cbd5dffe58e8cd034a6cbf3ef524b8c9597e2654f650bd
SSDEEP: 3072:VtgRQsSB9ibBoI67yFtvrn5NbXVjigIaLqgkZl7kBc+jeOJDyEM6dJBy5e9:VPB6oTyTzKaO37k/nTzBke9
Score: 6/10
Drops desktop.ini file(s)

Target: $PLUGINSDIR/nsExec.dll
Size: 8KB
MD5: 249ae678f0dac4c625c6de6aca53823a
SHA1: 6ac2b9e90e8445fed4c45c5dbf2d0227cd3b5201
SHA256: 7298024a36310b7c4c112be87b61b62a0b1be493e2d5252a19e5e976daf674ce
SHA512: 66e4081a40f3191bf28b810cf8411cb3c8c3e3ec5943e18d6672414fb5e7b4364f862cba44c9115c599ac90890ef02a773e254e7c979e930946bc52b0693aad7
SSDEEP: 192:r/QeHNWSvUTfWdXw08LYKFaynLb3MRlbOVlR:7jBvwudT8LJxnnMRlyVlR
Score: 3/10