Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
0b6610a41f1b7e1b62cbae3e167872a2_JaffaCakes118
-
Size
37KB
-
Sample
240624-31zbbayhjb
-
MD5
0b6610a41f1b7e1b62cbae3e167872a2
-
SHA1
1954107f25b3eb412278da8deb2551d67911640f
-
SHA256
55280be169c9666d74d691a3af6744afa5ad6afd9d2b769346542c593be112b1
-
SHA512
cd1c885bc5d004bceab9b4f609e7d4ab967be11fd9994d32741c683987512e54661a9baee4f6185d1203884beaf3cb892c82f23273a8bc7c7da92fa758a25c32
-
SSDEEP
768:LhO2hU++jmmFmP39qhhXOHYigASWD1CAns9p5GFnbiFJzuM6rwF:H+++jmmFmP3UHXO4hAS1A4p5GFnbiFrf
Static task
static1
Behavioral task
behavioral1
Sample
0b6610a41f1b7e1b62cbae3e167872a2_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
0b6610a41f1b7e1b62cbae3e167872a2_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
Protocol: smtp- Host:
smtp.gmail.com - Port:
587 - Username:
[email protected] - Password:
dickyfish1
Targets
-
-
Target
0b6610a41f1b7e1b62cbae3e167872a2_JaffaCakes118
-
Size
37KB
-
MD5
0b6610a41f1b7e1b62cbae3e167872a2
-
SHA1
1954107f25b3eb412278da8deb2551d67911640f
-
SHA256
55280be169c9666d74d691a3af6744afa5ad6afd9d2b769346542c593be112b1
-
SHA512
cd1c885bc5d004bceab9b4f609e7d4ab967be11fd9994d32741c683987512e54661a9baee4f6185d1203884beaf3cb892c82f23273a8bc7c7da92fa758a25c32
-
SSDEEP
768:LhO2hU++jmmFmP39qhhXOHYigASWD1CAns9p5GFnbiFJzuM6rwF:H+++jmmFmP3UHXO4hAS1A4p5GFnbiFrf
Score10/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Adds Run key to start application
-