Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
6bdb2b9e429adf2ddae06fda122f3545_JaffaCakes118
-
Size
675KB
-
Sample
240523-w16xtsbg57
-
MD5
6bdb2b9e429adf2ddae06fda122f3545
-
SHA1
425fc73f067adf6ebaa8ae8fb2a0d0797f143ea8
-
SHA256
16125cd0d4e59a7012726dd9c6ef386ab5a3c54ac37ba8cc4205523a28252411
-
SHA512
719612ab6b9598d76201d5aa4161b9777241fe76b0edd9b1c2aef61fd01a97503ecaab2b9d3386c3b6189df032abf4ea43366b4196bad98e88f0df14ac5a2967
-
SSDEEP
12288:vNxt2GCQZwqLIMRBeZHaElEZlBiZGXEtdrIsydYSYjXDwiYhT+63J:1xt2n6IQ2aEiriZUEtqr+ljXUiYF+63J
Static task
static1
Behavioral task
behavioral1
Sample
6bdb2b9e429adf2ddae06fda122f3545_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
6bdb2b9e429adf2ddae06fda122f3545_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
6bdb2b9e429adf2ddae06fda122f3545_JaffaCakes118
-
Size
675KB
-
MD5
6bdb2b9e429adf2ddae06fda122f3545
-
SHA1
425fc73f067adf6ebaa8ae8fb2a0d0797f143ea8
-
SHA256
16125cd0d4e59a7012726dd9c6ef386ab5a3c54ac37ba8cc4205523a28252411
-
SHA512
719612ab6b9598d76201d5aa4161b9777241fe76b0edd9b1c2aef61fd01a97503ecaab2b9d3386c3b6189df032abf4ea43366b4196bad98e88f0df14ac5a2967
-
SSDEEP
12288:vNxt2GCQZwqLIMRBeZHaElEZlBiZGXEtdrIsydYSYjXDwiYhT+63J:1xt2n6IQ2aEiriZUEtqr+ljXUiYF+63J
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-