General
Target: 2e7d15a5329ade0f17ab8224c3925d3a_JaffaCakes118
Size: 32KB
Sample: 240709-bkkpfayclk
MD5: 2e7d15a5329ade0f17ab8224c3925d3a
SHA1: 4022beb5f1c2fa63a2d80cc9e55a369bc7175436
SHA256: c4ae7e7bd0f94c4ff8892b14295ad2d74279e1082a03e1758231e79c94f16403
SHA512: ce2340f9df04ab6f9df7766f41bbbb74fe27a9b260389afd4cd47b78436fca0ae4b7112acd7200f5114bbc55c22d3fb02d71c01d1b248544713088cdb8fec4dd
SSDEEP: 384:eUEk5GPafpRwt1paJs2VVmWKcF8/NXvPAzz55ZR51WwyK/8GuPP:eC1sBa/ccF8/NX3AnzZR51WpKUGuX
Static task: static1
Behavioral task: behavioral1
Sample: 2e7d15a5329ade0f17ab8224c3925d3a_JaffaCakes118.dll
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 2e7d15a5329ade0f17ab8224c3925d3a_JaffaCakes118.dll
Resource: win10v2004-20240704-en
Malware Config
Targets
Target: 2e7d15a5329ade0f17ab8224c3925d3a_JaffaCakes118
Score: 8/10
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
Checks computer location settings
Looks up country code configured in the registry, likely geofence.