Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
3796dccda5d07130ae9dd41940fce54c_JaffaCakes118
-
Size
134KB
-
Sample
240711-ebznsaxdrm
-
MD5
3796dccda5d07130ae9dd41940fce54c
-
SHA1
2e35da547dda3c31f2062975935b3c09ab7f2a47
-
SHA256
aed2c28ae943822820d8edf1c47cc4f92746da7ebad167021ee53a3b8791d5c6
-
SHA512
625cb0d506e9bbe11ad1a72e3e6eba094451b7bc26e3957df706ae23ff7a4362726c6a528679bfb57415ee6c69b28a257d28934d2e8476c18b903141838839a0
-
SSDEEP
1536:qQ7E4qUpcdWpYKNhPLfcshBFvzFcZ/kANE+:qCE4jmgYKHPLfVDJFc2A3
Behavioral task
behavioral1
Sample
3796dccda5d07130ae9dd41940fce54c_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
3796dccda5d07130ae9dd41940fce54c_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
3796dccda5d07130ae9dd41940fce54c_JaffaCakes118
-
Size
134KB
-
MD5
3796dccda5d07130ae9dd41940fce54c
-
SHA1
2e35da547dda3c31f2062975935b3c09ab7f2a47
-
SHA256
aed2c28ae943822820d8edf1c47cc4f92746da7ebad167021ee53a3b8791d5c6
-
SHA512
625cb0d506e9bbe11ad1a72e3e6eba094451b7bc26e3957df706ae23ff7a4362726c6a528679bfb57415ee6c69b28a257d28934d2e8476c18b903141838839a0
-
SSDEEP
1536:qQ7E4qUpcdWpYKNhPLfcshBFvzFcZ/kANE+:qCE4jmgYKHPLfVDJFc2A3
-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-