Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
4bbd442d3516c9b4ca06ea218ce95ad3_JaffaCakes118
-
Size
128KB
-
Sample
240516-sqs2faah87
-
MD5
4bbd442d3516c9b4ca06ea218ce95ad3
-
SHA1
03a9385f7c293ae35b28b4b7f6e1284a656034f8
-
SHA256
b25d305b5a2a8617f78454eea884183cbeed10353f47701d23df6f6e5f9e53a3
-
SHA512
5217186acf70dd0c3f4ce17b2955e7c2a810a6e4b40232a27806169b432374cf9de87635647b82c915cfaa29fe4b0f307e1f89dbc53b01e71bddc89a6186e414
-
SSDEEP
1536:ULXB65939tY6HBg4sXJSiwhKKS20Ub2nLnVj1KxSmiwGOcVf2/O12C:ULk395hYXJSiZKoHLnux5i05O12C
Static task
static1
Behavioral task
behavioral1
Sample
4bbd442d3516c9b4ca06ea218ce95ad3_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
4bbd442d3516c9b4ca06ea218ce95ad3_JaffaCakes118
-
Size
128KB
-
MD5
4bbd442d3516c9b4ca06ea218ce95ad3
-
SHA1
03a9385f7c293ae35b28b4b7f6e1284a656034f8
-
SHA256
b25d305b5a2a8617f78454eea884183cbeed10353f47701d23df6f6e5f9e53a3
-
SHA512
5217186acf70dd0c3f4ce17b2955e7c2a810a6e4b40232a27806169b432374cf9de87635647b82c915cfaa29fe4b0f307e1f89dbc53b01e71bddc89a6186e414
-
SSDEEP
1536:ULXB65939tY6HBg4sXJSiwhKKS20Ub2nLnVj1KxSmiwGOcVf2/O12C:ULk395hYXJSiZKoHLnux5i05O12C
-
Downloads MZ/PE file
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-