Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
228874def7c66476be40389394d5ddc6_JaffaCakes118
-
Size
19KB
-
Sample
240703-qwl4zaygje
-
MD5
228874def7c66476be40389394d5ddc6
-
SHA1
fdf3f6c66f47e8d1641341424baea9ec8075a2fd
-
SHA256
f50be667a3879fe4cda7b73d15971dddaad828b6dcfe983322737b2e9f46956f
-
SHA512
385457724e99aa77e6e5b1217237809e1d03918f9928e3aa4b09f9b43ab096005e5e412240456c65dd7967a60841193b6cb896989e6aedf70928c6f9027f3b72
-
SSDEEP
384:4U8l7m2vDBlXAyomDFuAxAagu3KkHF3Q03sxfhB4vZCWp208XCI6VDhAbkD+:4/l7m29qMDNxAagu3hQ0cJ6ZCQ2yIQDq
Static task
static1
Behavioral task
behavioral1
Sample
228874def7c66476be40389394d5ddc6_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
228874def7c66476be40389394d5ddc6_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
228874def7c66476be40389394d5ddc6_JaffaCakes118
-
Size
19KB
-
MD5
228874def7c66476be40389394d5ddc6
-
SHA1
fdf3f6c66f47e8d1641341424baea9ec8075a2fd
-
SHA256
f50be667a3879fe4cda7b73d15971dddaad828b6dcfe983322737b2e9f46956f
-
SHA512
385457724e99aa77e6e5b1217237809e1d03918f9928e3aa4b09f9b43ab096005e5e412240456c65dd7967a60841193b6cb896989e6aedf70928c6f9027f3b72
-
SSDEEP
384:4U8l7m2vDBlXAyomDFuAxAagu3KkHF3Q03sxfhB4vZCWp208XCI6VDhAbkD+:4/l7m29qMDNxAagu3hQ0cJ6ZCQ2yIQDq
Score8/10-
Event Triggered Execution: Image File Execution Options Injection
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-