General
Target: 2aff309cabf3a3719f176c3eabda5a97_JaffaCakes118
Size: 226KB
Sample: 240708-e7mzvsseqk
MD5: 2aff309cabf3a3719f176c3eabda5a97
SHA1: cb0b130ee18f575a8911f43a9dd81bf6cf28024a
SHA256: 43a429f299010901a38d826f1259f3d671a3d22b86269f2db797aadb2268871a
SHA512: 56925a4f2ec0d4bfe442837612a10dd112a60d03d7918992abd0ecc8380415021e01788fe8f4f2177e09d483cd94ac7f826d9da177566dd185276f620dcea137
SSDEEP: 6144:/Uwep/Pi1Thqvyy4s2BR9W2FtjXwcCOJvq:MxNi1TKyy4s282Ftjgc1vq
Static task: static1
Behavioral task: behavioral1
Sample: 2aff309cabf3a3719f176c3eabda5a97_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2aff309cabf3a3719f176c3eabda5a97_JaffaCakes118.exe
Resource: win10v2004-20240704-en
Malware Config
Targets
Target: 2aff309cabf3a3719f176c3eabda5a97_JaffaCakes118
Score: 6/10
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
Suspicious use of SetThreadContext