Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2c32f844e0cd375070e06bb9e0e215da_JaffaCakes118
-
Size
16KB
-
Sample
240708-nsx1ysxbnp
-
MD5
2c32f844e0cd375070e06bb9e0e215da
-
SHA1
20e1f35297d62e3cdc6ebbf8788649eed1854655
-
SHA256
93278a2db71873c7503dd0986c31c4b41d7ff649ef8cd07986278595e5e65933
-
SHA512
1265345ca01a7cdb5ae2de6ee3589feebf22967af0e25281a10222f8429fa507f667e5d4998d6173201c90bbf72713af673becb712b6f405c90f961954416a17
-
SSDEEP
192:f83msQ4B1Z8F274/JQtCBdH0dHRdHwdHPH1SdHK18G+j5P:f+mcB1Z8jxQtCBqrmuw+B
Static task
static1
Behavioral task
behavioral1
Sample
2c32f844e0cd375070e06bb9e0e215da_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
2c32f844e0cd375070e06bb9e0e215da_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Targets
-
-
Target
2c32f844e0cd375070e06bb9e0e215da_JaffaCakes118
-
Size
16KB
-
MD5
2c32f844e0cd375070e06bb9e0e215da
-
SHA1
20e1f35297d62e3cdc6ebbf8788649eed1854655
-
SHA256
93278a2db71873c7503dd0986c31c4b41d7ff649ef8cd07986278595e5e65933
-
SHA512
1265345ca01a7cdb5ae2de6ee3589feebf22967af0e25281a10222f8429fa507f667e5d4998d6173201c90bbf72713af673becb712b6f405c90f961954416a17
-
SSDEEP
192:f83msQ4B1Z8F274/JQtCBdH0dHRdHwdHPH1SdHK18G+j5P:f+mcB1Z8jxQtCBqrmuw+B
Score8/10-
Adds policy Run key to start application
-
Event Triggered Execution: Image File Execution Options Injection
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Event Triggered Execution
1Image File Execution Options Injection
1