General
Target: 2aa795e7dcf3bd2b601a890711c892f4_JaffaCakes118
Size: 60KB
Sample: 240708-ct9klaxhnn
MD5: 2aa795e7dcf3bd2b601a890711c892f4
SHA1: 305a0fb64296f3c27d4af02803312b3aff9afc24
SHA256: 13eeac587c8a32a64847568f99a60012534647fe9540cc0b540df4e113dcf0f2
SHA512: 3247e7a64684f215488e083436c446e0450ad61925fbca291ef54eee47958db86058c06cf900b561da9a8fb7ff2f1071675d26d3dfb1a91615cbaf4bdb206a3b
SSDEEP: 1536:CJiYU3BtpCdtWMrd4IJfzc5TOtnVxhxMU:CJil3BHCdtWxSLMTOtVxgU
Behavioral task: behavioral1
Sample: 2aa795e7dcf3bd2b601a890711c892f4_JaffaCakes118.dll
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 2aa795e7dcf3bd2b601a890711c892f4_JaffaCakes118.dll
Resource: win10v2004-20240704-en
Malware Config
Targets
Target: 2aa795e7dcf3bd2b601a890711c892f4_JaffaCakes118
Score: 8/10

Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

Checks computer location settings
Looks up country code configured in the registry, likely geofence.