Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
1c8575d5be57704d35f150dc101e5eca_JaffaCakes118
-
Size
250KB
-
Sample
240701-z3xnqatfnp
-
MD5
1c8575d5be57704d35f150dc101e5eca
-
SHA1
1eb97ec2d13018f35a91a5d30ef1faf703e195e7
-
SHA256
40e7148d075f5b528df9b7d60ccd54169faeec3ca41e519bebbe8da813e3b8c1
-
SHA512
69ffcd817b32c6744ef4ce3839945e2a90d67259bdbf568aa674112a96913d37bff47383b8fcedf0c07edda889c071378b050fd3cada2d4a6dd1b8d90a0d9e54
-
SSDEEP
6144:yhieuJDr5T8b2ufqBLjSB/MS7irtIa6cwoD8ZroSfjGFA:PeKrJJuf86AYcwoaoSbr
Behavioral task
behavioral1
Sample
1c8575d5be57704d35f150dc101e5eca_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1c8575d5be57704d35f150dc101e5eca_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
1c8575d5be57704d35f150dc101e5eca_JaffaCakes118
-
Size
250KB
-
MD5
1c8575d5be57704d35f150dc101e5eca
-
SHA1
1eb97ec2d13018f35a91a5d30ef1faf703e195e7
-
SHA256
40e7148d075f5b528df9b7d60ccd54169faeec3ca41e519bebbe8da813e3b8c1
-
SHA512
69ffcd817b32c6744ef4ce3839945e2a90d67259bdbf568aa674112a96913d37bff47383b8fcedf0c07edda889c071378b050fd3cada2d4a6dd1b8d90a0d9e54
-
SSDEEP
6144:yhieuJDr5T8b2ufqBLjSB/MS7irtIa6cwoD8ZroSfjGFA:PeKrJJuf86AYcwoaoSbr
Score8/10-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-