General
Target: 61eb45e462738c0e3984137f0a6da5ec_JaffaCakes118
Size: 124KB
Sample: 240521-d9qyvsgg5t
MD5: 61eb45e462738c0e3984137f0a6da5ec
SHA1: 82f6201b9f0a77b4298861a1da4cce08b99afb55
SHA256: 64a4451cd02928f64713eda76180ed51914f03a349df777416cc1ea2dfbe1906
SHA512: c43aaf6811475f46021ddbabb197c9133c442f17f71f949c1e1b34e532b0c18c9644a931fc6eb9d66e0b666794afa7cb8242c4c974552c514c80b9eb3c99b80b
SSDEEP: 3072:zClEDPzAWJJgekoUZXZqXVCAiM3GM+Zs:z8EDPz5LgIUZXZwEAd332
Static task: static1
Behavioral task: behavioral1
  Sample: 61eb45e462738c0e3984137f0a6da5ec_JaffaCakes118.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 61eb45e462738c0e3984137f0a6da5ec_JaffaCakes118.exe
  Resource: win10v2004-20240426-en
Malware Config
Extracted
smokeloader
VgU
Extracted
smokeloader
2018
http://osetr.hk/css/
Targets
Target: 61eb45e462738c0e3984137f0a6da5ec_JaffaCakes118
Score: 10/10
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
Suspicious use of SetThreadContext