General
Target: 99bf8453adc7b7cc7ddc8e32927343b7_JaffaCakes118
Size: 671KB
Sample: 240606-b7pxnseb5t
MD5: 99bf8453adc7b7cc7ddc8e32927343b7
SHA1: 54a0bb82d314f872fd5c7207a2c47e00918c4a6d
SHA256: 14cd9fe1746ede07281daafe6964964bc78c7eecf9a8755e15ace9cedbd281b9
SHA512: 2bdebfa2b0109490f4d433fd2ad51682eabd687c7db83d3918b857143d4668b593648fdcb3361947067038ba2a4fd21b27f66e3f6f7fd45891dbeccce50ef6c4
SSDEEP: 12288:SZJ7G1zskWtP44444ItPZkTKpPwHb/dgusOlMLSTQNirbCfrL6d:qJ7Uzj4yUo7Fdle8WIbCL6d
Static task: static1

Behavioral task: behavioral1
Sample: 99bf8453adc7b7cc7ddc8e32927343b7_JaffaCakes118.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: 99bf8453adc7b7cc7ddc8e32927343b7_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 99bf8453adc7b7cc7ddc8e32927343b7_JaffaCakes118
Score: 9/10
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks computer location settings: looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Drops desktop.ini file(s)