General
Target: 3dc426881aefe72a44fa70879d615317_JaffaCakes118
Size: 921KB
Sample: 240712-rv298szcrf
MD5: 3dc426881aefe72a44fa70879d615317
SHA1: 520897c55fc8a25e834f7442243464d99d73c64b
SHA256: 643ca07224e075e20fb81f4462bdbbca04c61891329e275544b5a117adfe0005
SHA512: 8584c26b61824f29f09905d7aac20e3acabcfab160e2506dad8ef5d2bca632b225830d8c597ab8d61ed524054b696bfc8fe43d8758cf347a80d66c69166e1779
SSDEEP: 24576:XaGo7wr6HAslncJgpy2PsaeF//s05pOsp:LqAQsCp4/T5p9
Static task: static1
Behavioral task: behavioral1
Sample: 3dc426881aefe72a44fa70879d615317_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 3dc426881aefe72a44fa70879d615317_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: 3dc426881aefe72a44fa70879d615317_JaffaCakes118
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext