Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
098ae366ed37c8452cae34e0424ba0f1_JaffaCakes118
-
Size
132KB
-
Sample
240624-tsfdssvbqm
-
MD5
098ae366ed37c8452cae34e0424ba0f1
-
SHA1
903794154af111385dd74678de2ff85f79c899ff
-
SHA256
598e72d8ad6a1559b6decbc71be2ed362aaa1f3a2a12cc26cc60d2626215e338
-
SHA512
f05568a957c42c006ebcf1551f19a3d2bb33f7e0077b4911a776ff1ab8fdb56533fb3df10099e8187494ba6141af878277dc6ac7647467829d5a47918bb8de7e
-
SSDEEP
3072:e4tWMJJh6fryYP/daqh8iJkZdhSH4FsMVPCuvjrPCqME:ecWMJJhqryYP/daqh5JguH46MVPCuvjF
Malware Config
Targets
-
-
Target
098ae366ed37c8452cae34e0424ba0f1_JaffaCakes118
-
Size
132KB
-
MD5
098ae366ed37c8452cae34e0424ba0f1
-
SHA1
903794154af111385dd74678de2ff85f79c899ff
-
SHA256
598e72d8ad6a1559b6decbc71be2ed362aaa1f3a2a12cc26cc60d2626215e338
-
SHA512
f05568a957c42c006ebcf1551f19a3d2bb33f7e0077b4911a776ff1ab8fdb56533fb3df10099e8187494ba6141af878277dc6ac7647467829d5a47918bb8de7e
-
SSDEEP
3072:e4tWMJJh6fryYP/daqh8iJkZdhSH4FsMVPCuvjrPCqME:ecWMJJhqryYP/daqh5JguH46MVPCuvjF
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-