General
-
Target
24041253e112a67f1fe46cb8c3383d00_JaffaCakes118
-
Size
313KB
-
Sample
240704-atj9lathqk
-
MD5
24041253e112a67f1fe46cb8c3383d00
-
SHA1
4789403e21263ae5177f894e27b90369b46b4b2b
-
SHA256
60d577305e44ad18f69668a7cc94d1f1e443679f617a0e2a64c2f815dd36a4f5
-
SHA512
15ee315a51ddfe70fd8e341ba8059192f6d0ea4fe0ddfbe0f22a6f88b10b89d31e4bbe96197a8c93169028d26d16df273882f42ef94a0d653569c21505a71c76
-
SSDEEP
6144:7VDIykF3mQt0fZv9YC5fn+aCyIK3ccnMxj6YClOam8y:7hedmUWY2W1K3DnsZCcH
Static task
static1
Behavioral task
behavioral1
Sample
24041253e112a67f1fe46cb8c3383d00_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
24041253e112a67f1fe46cb8c3383d00_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
Target
24041253e112a67f1fe46cb8c3383d00_JaffaCakes118
-
Score
10/10
-
Modifies firewall policy service
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-