General
Target: 5e92e3c43243a924236e369d12adc5eb_JaffaCakes118
Size: 803KB
Sample: 240720-b9dbna1dlm
MD5: 5e92e3c43243a924236e369d12adc5eb
SHA1: cfa810ec7b4f022f94d30e2e9e2f5c9bd3ce9d71
SHA256: 5992c641c7cdd9dd43ccea4f29bde2181abce642006e3e1fbab03e748ed1d192
SHA512: d4f19337d16eca07a01f915f46f02ab5eec56813b48e95e7323493b7f8e8a1aa6f07e46549d8e2ef521a55177b9f6a1c00c9a814dd28885006b16162ea911943
SSDEEP: 24576:ENTjluBFL47h+leHR1xNz7c56UQWIq98WtJegm0:ENTjYz/lWRj2R9DtJes
Static task: static1
Behavioral task: behavioral1
  Sample: 5e92e3c43243a924236e369d12adc5eb_JaffaCakes118.dll
  Resource: win7-20240705-en
Behavioral task: behavioral2
  Sample: 5e92e3c43243a924236e369d12adc5eb_JaffaCakes118.dll
  Resource: win10v2004-20240704-en
Malware Config
Targets
Target: 5e92e3c43243a924236e369d12adc5eb_JaffaCakes118
Score: 9/10
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
Suspicious use of NtSetInformationThreadHideFromDebugger