Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
b0a4342473590966d57b22a3b3c0a99b_JaffaCakes118
-
Size
674KB
-
Sample
240615-3ccgmsyfnf
-
MD5
b0a4342473590966d57b22a3b3c0a99b
-
SHA1
143524af9ef4f2af44a965f1fc0144eea370caa4
-
SHA256
226adbd5d3659a9e36963cfa1dd33fb9c5cbdc87c931a308de648549ea1c2ca1
-
SHA512
4d18e90ba85da098caea2fe32d62fc4892b30d6f09562489e4bcd38f97ef1d9a9cb625e82b914c4bfacd16df432c578b520d89eb5b48095602133f6c3545245f
-
SSDEEP
12288:rCRO7YJnY+ndmFWp9QYKctiH0bPbzYVlEYZHJBitDEK9f3ajKG7DfyG6g:OROclJ0Q9+cthjUlE2HLj8f3aD7DqG6g
Static task
static1
Behavioral task
behavioral1
Sample
b0a4342473590966d57b22a3b3c0a99b_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
b0a4342473590966d57b22a3b3c0a99b_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
b0a4342473590966d57b22a3b3c0a99b_JaffaCakes118
-
Size
674KB
-
MD5
b0a4342473590966d57b22a3b3c0a99b
-
SHA1
143524af9ef4f2af44a965f1fc0144eea370caa4
-
SHA256
226adbd5d3659a9e36963cfa1dd33fb9c5cbdc87c931a308de648549ea1c2ca1
-
SHA512
4d18e90ba85da098caea2fe32d62fc4892b30d6f09562489e4bcd38f97ef1d9a9cb625e82b914c4bfacd16df432c578b520d89eb5b48095602133f6c3545245f
-
SSDEEP
12288:rCRO7YJnY+ndmFWp9QYKctiH0bPbzYVlEYZHJBitDEK9f3ajKG7DfyG6g:OROclJ0Q9+cthjUlE2HLj8f3aD7DqG6g
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-