General
Target: 3e1798ea5420466c1667188e41e171cb_JaffaCakes118
Size: 836KB
Sample: 240712-t5ps1a1frq
MD5: 3e1798ea5420466c1667188e41e171cb
SHA1: 8f2003047624655cc5658c9019226c04e7cf7b24
SHA256: 2cfd2f69f21e92ff67d83babb0c5735bf99cc62961ddfa193f7385467c31c135
SHA512: 94b8da7be35354e05781cabba1f6503237bf7724a031746f1f15f6d7329e139c1037231f45516f58e784e51a8c50f632b0bf16e9254a0bafbba88d0786bdf468
SSDEEP: 12288:9ohV56tb4hr+fbtM0E92BD6KqnU7UIXTgdBzAXxto/lJ/zD:9ohV56d41p6BD1qnUQito/D
Static task: static1
Behavioral task: behavioral1
  Sample: 3e1798ea5420466c1667188e41e171cb_JaffaCakes118.exe
  Resource: win7-20240705-en
Malware Config
Targets
Target: 3e1798ea5420466c1667188e41e171cb_JaffaCakes118
- Disables Task Manager via registry modification
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext