General
Target: 3d4d90672a3439a7130869841a30d3f1_JaffaCakes118
Size: 457KB
Sample: 240712-n7vt5sseqp
MD5: 3d4d90672a3439a7130869841a30d3f1
SHA1: 1237a90c9bd395370f5f2fd3385c9b4fb03cb4a5
SHA256: 16ac200407b4b2012c7e80ea57dfd15b254f7cfabf7499ee6405b215dfd780dc
SHA512: b20cbbd845873cd307de70bba10dadf7ab24e8857d8c175280cb637ce72629c288a0cd6458697fae15c7f4e00425d147ad3533ceeae8171126ace2d1bfd0fed9
SSDEEP: 6144:t515R5b515R5b5R5b51515R5b515R5b51515R5b52:a
Behavioral task: behavioral1
Sample: 3d4d90672a3439a7130869841a30d3f1_JaffaCakes118.exe
Resource: win7-20240705-en

Behavioral task: behavioral2
Sample: 3d4d90672a3439a7130869841a30d3f1_JaffaCakes118.exe
Resource: win10v2004-20240704-en
Malware Config
Targets
Target
3d4d90672a3439a7130869841a30d3f1_JaffaCakes118
Score: 8/10

Drops file in Drivers directory

Manipulates Digital Signatures
Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Drops file in System32 directory