General
Target: 451f9f17ad02a28156283a7d689f1b7e_JaffaCakes118
Size: 266KB
Sample: 240714-ktbmkawerd
MD5: 451f9f17ad02a28156283a7d689f1b7e
SHA1: f82aa99a79df0238e8acca041d7a9b5a0cd0b0d0
SHA256: 647152250e30c698a03b26fcb70609d9833dfc4e5b0b78ad3f331fd2e1ad01ab
SHA512: a3882b6ee16b7515dd9049484dd9d4f0a90a0b162cf90079ee07dd5677bd14328b98b660898c2e6cadf02b29b1e04a08d28758612dd864868790b9dad99214bb
SSDEEP: 6144:pGl75MNTwpRAO02kWWIkFFNyL90lKKhjgcDRznAqnlC:gl75MwRd0KGF+2gSdAglC
Static task: static1
Behavioral task: behavioral1
Sample: 451f9f17ad02a28156283a7d689f1b7e_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 451f9f17ad02a28156283a7d689f1b7e_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: 451f9f17ad02a28156283a7d689f1b7e_JaffaCakes118
Score: 10/10
Modifies WinLogon for persistence
Adds Run key to start application
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
Modifies WinLogon