General
Target: 9cd24ec8dc7ae21677f4fc5cb04f0ce8_JaffaCakes118
Size: 1.0MB
Sample: 240611-drlanasgnk
MD5: 9cd24ec8dc7ae21677f4fc5cb04f0ce8
SHA1: 7c8fd75df63163df50e2451ba376b26215d21edc
SHA256: 8f50d3a4347252ab64f661adcaa77d3bc1f3dfdf6af2833596991b90188fe6f1
SHA512: 168575657d85d2ebd0f8148d5e1e99fce62ac709e1c46c55e1e809cde96a70d51fa5668b8fce41838eb61e9160c1b850c205410acb213389d16c7bdd3187c45f
SSDEEP: 24576:WlVq0okbkKy71LtxM9JP4oNBzb95ecd+7jJoYp5nXSqdix:+qwbly715xM9JrhbNABL5n6x
Static task: static1
Behavioral task: behavioral1
  Sample: 9cd24ec8dc7ae21677f4fc5cb04f0ce8_JaffaCakes118.dll
  Resource: win7-20240215-en
Behavioral task: behavioral2
  Sample: 9cd24ec8dc7ae21677f4fc5cb04f0ce8_JaffaCakes118.dll
  Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 9cd24ec8dc7ae21677f4fc5cb04f0ce8_JaffaCakes118
Score: 7/10
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Suspicious use of NtSetInformationThreadHideFromDebugger