General
  Target: 0714394b7db4db09309ee67096723c0e_JaffaCakes118
  Size: 726KB
  Sample: 240620-sekwpaxgqj
  MD5: 0714394b7db4db09309ee67096723c0e
  SHA1: 7903c3111ec507cf266ef88c8ce42145ffca3d10
  SHA256: ae78f1813c96535532be71ac89259f51b7b84edbaf9fcd2f97db58af04e06e1a
  SHA512: 96bf8c44011a0fba5366c017bfa27f19c4d7374b6e1625b8ad11d26d14ddb3998d5ba493186fe0a4a1c85a0de6ac5ae913fb5a38ef5005e027978050f5f62993
  SSDEEP: 12288:F8k37stBEScWoGdqDkg16l9xneL73U9sPG7SGzJkZqTYEH4K:F8kL0BfTdqDktl3cA+6zJcqTY4b
Behavioral task: behavioral1
  Sample: 0714394b7db4db09309ee67096723c0e_JaffaCakes118.exe
  Resource: win7-20240508-en

Behavioral task: behavioral2
  Sample: 0714394b7db4db09309ee67096723c0e_JaffaCakes118.exe
  Resource: win10v2004-20240508-en
Malware Config

Targets
  Target: 0714394b7db4db09309ee67096723c0e_JaffaCakes118
  Size: 726KB
  MD5: 0714394b7db4db09309ee67096723c0e
  SHA1: 7903c3111ec507cf266ef88c8ce42145ffca3d10
  SHA256: ae78f1813c96535532be71ac89259f51b7b84edbaf9fcd2f97db58af04e06e1a
  SHA512: 96bf8c44011a0fba5366c017bfa27f19c4d7374b6e1625b8ad11d26d14ddb3998d5ba493186fe0a4a1c85a0de6ac5ae913fb5a38ef5005e027978050f5f62993
  SSDEEP: 12288:F8k37stBEScWoGdqDkg16l9xneL73U9sPG7SGzJkZqTYEH4K:F8kL0BfTdqDktl3cA+6zJcqTY4b
Score: 10/10

Signatures
  ModiLoader, DBatLoader
    ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  ModiLoader Second Stage
  Enumerates connected drives
    Attempts to read the root path of hard drives other than the default C: drive.
  Drops autorun.inf file
    Malware can abuse Windows Autorun to spread further via attached volumes.
  Suspicious use of SetThreadContext