Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
23d6ce3a3676ff3ffb1a132fac7d4aef_JaffaCakes118
-
Size
2.1MB
-
Sample
240703-3fq47s1hjn
-
MD5
23d6ce3a3676ff3ffb1a132fac7d4aef
-
SHA1
f08e301e9a95fc2b2510704400b167bbd0a3419d
-
SHA256
86c7d2983d91c7a22a609669d8c9ca5122084f10868777067aea6319be8f9226
-
SHA512
eb91d88f3783e9eef63740e356008e7bfdd8ffdc3f4f649ff81d9913abbf56841a88a75c168a1e5a2f1a4f794799db3bdeac144367eccbfe5eb152488816f022
-
SSDEEP
49152:oBbj9kG4OiW1j6VGrj9t+ScOaidxm+fcfffzX7:URh4OigjSYjW9gxlAfLL
Behavioral task
behavioral1
Sample
23d6ce3a3676ff3ffb1a132fac7d4aef_JaffaCakes118.exe
Resource
win7-20240611-en
Malware Config
Targets
-
-
Target
23d6ce3a3676ff3ffb1a132fac7d4aef_JaffaCakes118
-
Size
2.1MB
-
MD5
23d6ce3a3676ff3ffb1a132fac7d4aef
-
SHA1
f08e301e9a95fc2b2510704400b167bbd0a3419d
-
SHA256
86c7d2983d91c7a22a609669d8c9ca5122084f10868777067aea6319be8f9226
-
SHA512
eb91d88f3783e9eef63740e356008e7bfdd8ffdc3f4f649ff81d9913abbf56841a88a75c168a1e5a2f1a4f794799db3bdeac144367eccbfe5eb152488816f022
-
SSDEEP
49152:oBbj9kG4OiW1j6VGrj9t+ScOaidxm+fcfffzX7:URh4OigjSYjW9gxlAfLL
Score7/10-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-