General
-
Target
1c2aa519cf1a087fd5bc9b16f3b29fbf_JaffaCakes118
-
Size
388KB
-
Sample
240701-xtvrnayaqm
-
MD5
1c2aa519cf1a087fd5bc9b16f3b29fbf
-
SHA1
cca1d82c54587343885b8ef28b3ec2e12e0ccc2f
-
SHA256
6f9ff374fe39ab45d30d728317dd3afaa5f307637eba3e4e7dcd7eb50084023f
-
SHA512
b88117ddec7a9034d6d9379ab39597dcfa92053f6b199771992f6a357711b9ec88c0321a9d23c1703a2ce432874dcefa20ddbc721d2e8c03a61b5fab3ba598b7
-
SSDEEP
6144:uBIHYIw4oP7kvzP3VyQgkrydG5/YHcUWF4/G4TyQOI5JgpcvqNplcwaNC:up4oPs3VvgldG5/4WF4fT0Iw5piNC
Static task
static1
Behavioral task
behavioral1
Sample
1c2aa519cf1a087fd5bc9b16f3b29fbf_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1c2aa519cf1a087fd5bc9b16f3b29fbf_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
Target
1c2aa519cf1a087fd5bc9b16f3b29fbf_JaffaCakes118
-
Score
6/10
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-