Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
47abf11bc910a73ee39be0fed68b696e_JaffaCakes118
-
Size
727KB
-
Sample
240515-x6wjqaga2s
-
MD5
47abf11bc910a73ee39be0fed68b696e
-
SHA1
f834f9aa77a77b60bf9afd62f608d1189a13f79c
-
SHA256
15ee2be3aec6f8464c8fa455e26192022e0f40597ca8c03309be1856f1e54141
-
SHA512
c5af5947407af34a1e1112dc0c1f721b2a07cc2a7a65996f7ffa1e5b1863ced5b84067e5325d346592b8f72f472eaaf19e34727b8656084e6bbdafc6397f87c2
-
SSDEEP
12288:GC17VTf2wMllw1sqTSJbnoP9Fy/YjslW4S0zx5zDLQ4UhJ1oW/jS/OU:VdVTf2nm1sqTSJbncTy/YQl20F5M4A1I
Static task
static1
Behavioral task
behavioral1
Sample
47abf11bc910a73ee39be0fed68b696e_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
47abf11bc910a73ee39be0fed68b696e_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
47abf11bc910a73ee39be0fed68b696e_JaffaCakes118
-
Size
727KB
-
MD5
47abf11bc910a73ee39be0fed68b696e
-
SHA1
f834f9aa77a77b60bf9afd62f608d1189a13f79c
-
SHA256
15ee2be3aec6f8464c8fa455e26192022e0f40597ca8c03309be1856f1e54141
-
SHA512
c5af5947407af34a1e1112dc0c1f721b2a07cc2a7a65996f7ffa1e5b1863ced5b84067e5325d346592b8f72f472eaaf19e34727b8656084e6bbdafc6397f87c2
-
SSDEEP
12288:GC17VTf2wMllw1sqTSJbnoP9Fy/YjslW4S0zx5zDLQ4UhJ1oW/jS/OU:VdVTf2nm1sqTSJbncTy/YQl20F5M4A1I
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-