General
Target: 1902d2fb07fd303208824e070a491a14_JaffaCakes118
Size: 1.0MB
Sample: 240628-ghw8caxamn
MD5: 1902d2fb07fd303208824e070a491a14
SHA1: c8d4f562bb1441188a33401c736e95c87d9fae8f
SHA256: 05d4d6d0f15dec78b1b4a418b8081b720245dd92f09fb32f4f69c6af9d39a8df
SHA512: 0a21e11de4c87b814f8817338c272ca33b51c7d9472d6bf849a9dec423eb4738eb2fd26c59f918e72f898d71c5c7383e8829391dcd2931f511e0cb16ed64200b
SSDEEP: 24576:w/Af7uuZB2MiMKLv7kLxOPdERHrqPiBfhcvLMc2h:w4CuZhiv6gP8H+4c2h
Static task: static1

Behavioral task: behavioral1
Sample: 1902d2fb07fd303208824e070a491a14_JaffaCakes118.exe
Resource: win7-20240508-en

Behavioral task: behavioral2
Sample: 1902d2fb07fd303208824e070a491a14_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 1902d2fb07fd303208824e070a491a14_JaffaCakes118
Score: 7/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.