Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
28631d0fdafc463f3926aa952deb83b0_JaffaCakes118
-
Size
1.4MB
-
Sample
240706-q66w5ayhpq
-
MD5
28631d0fdafc463f3926aa952deb83b0
-
SHA1
71707a56a8825af2213b55f1b4eacccc73c8142f
-
SHA256
9139f96f2eeb23fcec4a5acd380cb9146e4f6342eb4800e8adfad18d7bc17f5a
-
SHA512
1666949c3f395a9f6d76dae14bce851a5587ff3414d0d001a4bfa30860559facf4cf1dc03dea0cd3a11102ac08524168bfe9b2074ab05c34afe5c485f015940e
-
SSDEEP
24576:G66tHG/0zL4SeSekrKhG0AmaeC3dODxv6806U9oQT/6Adz2SuI0V:6Hz4SeS+J/BS80h//6AdE
Behavioral task
behavioral1
Sample
28631d0fdafc463f3926aa952deb83b0_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
28631d0fdafc463f3926aa952deb83b0_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Targets
-
-
Target
28631d0fdafc463f3926aa952deb83b0_JaffaCakes118
-
Size
1.4MB
-
MD5
28631d0fdafc463f3926aa952deb83b0
-
SHA1
71707a56a8825af2213b55f1b4eacccc73c8142f
-
SHA256
9139f96f2eeb23fcec4a5acd380cb9146e4f6342eb4800e8adfad18d7bc17f5a
-
SHA512
1666949c3f395a9f6d76dae14bce851a5587ff3414d0d001a4bfa30860559facf4cf1dc03dea0cd3a11102ac08524168bfe9b2074ab05c34afe5c485f015940e
-
SSDEEP
24576:G66tHG/0zL4SeSekrKhG0AmaeC3dODxv6806U9oQT/6Adz2SuI0V:6Hz4SeS+J/BS80h//6AdE
Score7/10-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-