General
-
Target
37141d21044b40a776c51cdc13b86899_JaffaCakes118
-
Size
73KB
-
Sample
240511-3b1g3sdg2w
-
MD5
37141d21044b40a776c51cdc13b86899
-
SHA1
8f987d9c56e12e6641754115cb0d65d6c34e69c6
-
SHA256
e2fb246070404a9e7f9a42bc88f3429ee9f7bc4470c4ac939db46be21e165287
-
SHA512
2cb85962acafa8d0ce385917b425f5ede4ab503d1224073aae783e57b5eab3589bd423b47e1c6d7f689c5cce0bf791de84d897fb95ecf64ffd59f30758b4fdcc
-
SSDEEP
1536:d8cQPMz4GlHNvQYviFSD17fdN85bxYYhVfGAGnNUHORWR:6cQPM8GdNv6ERYLN7SNEKWR
Static task
static1
Behavioral task
behavioral1
Sample
37141d21044b40a776c51cdc13b86899_JaffaCakes118.js
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
37141d21044b40a776c51cdc13b86899_JaffaCakes118.js
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
37141d21044b40a776c51cdc13b86899_JaffaCakes118
-
Score
8/10
-
Blocklisted process makes network request
-
Drops startup file
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-