General
Target
81950bd62346edc2012fa1cdb834188c_JaffaCakes118
Size
638KB
Sample
240529-xsjb8sfc36
MD5
81950bd62346edc2012fa1cdb834188c
SHA1
1c0a5bf7aa63b585a2cf8c4e6358a8b2deb5d1ba
SHA256
2373017059d61386f8f3d1b7f4dc5084db31c471d0e3d78bbc0f124b2b67844e
SHA512
f64e505e91b7521784c54f7b60ee5c6a4ccb9a944ab48de2a9ac6ef1e9f4c447b4a9c1a7fcd7bd38ab4ceb049b0a3eb21391b5ed1173d35335a638c636fc08ce
SSDEEP
12288:hmrT/NtMTbIhcvPMLxa8bzzyUoCyhRB2Sjy7Xrxti3rwbX1W38oZ1f6jB3Bs:QrT/Nt3AML1XRykdzltqm8r3f6jB2
Static task
static1
Behavioral task
behavioral1
Sample
81950bd62346edc2012fa1cdb834188c_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
81950bd62346edc2012fa1cdb834188c_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Score
9/10

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Drops desktop.ini file(s)