Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
3b3e42f54f1c8bfc435401065ea54ee6_JaffaCakes118
-
Size
5.0MB
-
Sample
240712-abddbssfjc
-
MD5
3b3e42f54f1c8bfc435401065ea54ee6
-
SHA1
2673f89f2aabcff2f06b92351fdc60483d0cbd01
-
SHA256
48eb9af9a850ed388a9052922101114f8f7f0c90579cebedea75f6a99277c6b6
-
SHA512
e5c5498bc163db651ff589e62211219330375f23fc69e93cc5416b845af3c200759526c096748ebb5f7e6c83a64fe3675bd28ab027ab8edc29aa7031c0fa631d
-
SSDEEP
98304:Ni4Wkp+/yJcqpDhnzKyyGnIz6pl5kQ/um94iiRq6Fb+KN+UL:Ni4Wkp+/2cqpDhnWyyGIz6p/kSum9k+v
Malware Config
Targets
-
-
Target
3b3e42f54f1c8bfc435401065ea54ee6_JaffaCakes118
-
Size
5.0MB
-
MD5
3b3e42f54f1c8bfc435401065ea54ee6
-
SHA1
2673f89f2aabcff2f06b92351fdc60483d0cbd01
-
SHA256
48eb9af9a850ed388a9052922101114f8f7f0c90579cebedea75f6a99277c6b6
-
SHA512
e5c5498bc163db651ff589e62211219330375f23fc69e93cc5416b845af3c200759526c096748ebb5f7e6c83a64fe3675bd28ab027ab8edc29aa7031c0fa631d
-
SSDEEP
98304:Ni4Wkp+/yJcqpDhnzKyyGnIz6pl5kQ/um94iiRq6Fb+KN+UL:Ni4Wkp+/2cqpDhnWyyGIz6p/kSum9k+v
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-