General
Target: 12ab006815614f2ad93358a7a03f7441_JaffaCakes118
Size: 359KB
Sample: 240626-t44krswarl
MD5: 12ab006815614f2ad93358a7a03f7441
SHA1: fda1d986310e48a1f1de2653225481f50008a5ef
SHA256: f19d07fbccb4bbf733cc55c967097e5cef053cd0c9188c10a5f138ea92929cb0
SHA512: 2c4a8cc51b73765830f94a051859431dff0fd4967dd7b18ab84d70fd38cc5bcae7838f8cd86a09a42eea925463c6efe92d33d7e6efebcbfb919b21fef773d17c
SSDEEP: 3072:IDsA/+Nzz0da6j2BtJ8nLzhbwhc+3aOz3TfRL0qz:Io4U6jnLlc++qOz3t
Behavioral task: behavioral1
Sample: 12ab006815614f2ad93358a7a03f7441_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 12ab006815614f2ad93358a7a03f7441_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 12ab006815614f2ad93358a7a03f7441_JaffaCakes118
Score: 10/10
Modifies WinLogon for persistence
Disables Task Manager via registry modification
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Impair Defenses: Safe Mode Boot