General
Target: b536fb920e7ef641d548d0a402a29735_JaffaCakes118
Size: 776KB
Sample: 240616-zy9sgsxhrb
MD5: b536fb920e7ef641d548d0a402a29735
SHA1: 7cc13314f4780abb0c74939ee3e3aa28cb7dd2ed
SHA256: 6542ea63971032f653f080578ed064421a60fd87102bacb3fe10c2dd774bad41
SHA512: d30276e06408a716e5d7658324fc2154a9ab0a53b023c8035e1aa3f5cd7aeb9010795d5b24b817bb0732a985a8429eba51b67b5692c97379d89781f991d3e896
SSDEEP: 12288:ESgIU81VPhOKSw47n2Xfb6RLZbpFkOLNm:V1VhSDn2PbsbphNm
Static task: static1
Behavioral task: behavioral1
Sample: b536fb920e7ef641d548d0a402a29735_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: b536fb920e7ef641d548d0a402a29735_JaffaCakes118.exe
Resource: win10v2004-20240611-en
Malware Config
Extracted
azorult
http://sewakoto.us/panel/1/index.php
Targets
Target: b536fb920e7ef641d548d0a402a29735_JaffaCakes118
Score: 10/10
Azorult: An information stealer that was first discovered in 2016, targeting browsing history and passwords.
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application