General
Target: adb4871da80855607760738d9d7670c2_JaffaCakes118
Size: 904KB
Sample: 240615-k63a2svfka
MD5: adb4871da80855607760738d9d7670c2
SHA1: 07c6d131acd72cb8cc68e51905fdf1a7ef3b92d1
SHA256: e5e84f76ada6cdc1d014815b75a2508fbeba5a08372bd1d027b987295ef654a9
SHA512: cc40c80aa2acc06e8085e793c4bb715625626dbc78deed45e17b2417393330a38a2aa268d6d95686d50e40a94433e8f7d651d889eab5dd94572bcbc334004c67
SSDEEP: 24576:eNcBtkZXdep+UH2FZtzyVSHkZcQt6SRHMbP:5eu+UWFPe8evdsbP
Static task: static1
Behavioral task: behavioral1
Sample: adb4871da80855607760738d9d7670c2_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: adb4871da80855607760738d9d7670c2_JaffaCakes118.exe
Resource: win10v2004-20240611-en
Malware Config
Targets
Target: adb4871da80855607760738d9d7670c2_JaffaCakes118
Score: 10/10
Azorult
An information stealer that was first discovered in 2016, targeting browsing history and passwords.

ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

ModiLoader First Stage

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL