General
Target: 60084e015cce578bcf6175d3af73bce1_JaffaCakes118
Size: 34KB
Sample: 240720-l3bvcsxbrq
MD5: 60084e015cce578bcf6175d3af73bce1
SHA1: d9619d52bc824fdba539fb54fa8e9e68df0b4cdc
SHA256: 16e39597e6c12031c4dd92c94dbfd8ee915c815159882f6a849eb3ef96a13d22
SHA512: a7db800cb550237ab57e281d784b3006decff8225de239a9287e838f7e2ef74673ae478c6274f679ec31bf4f98c66396e5b08323799b4e929d5735ac4ff6b9f0
SSDEEP: 768:cflivXrVKpVhKvtxwYHwVFoeAQumucwUQj:ylqrVKprVuQuxj
Static task: static1
Behavioral task: behavioral1
Sample: 60084e015cce578bcf6175d3af73bce1_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 60084e015cce578bcf6175d3af73bce1_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Extracted
Protocol: ftp
Host: ftp.tripod.com
Port: 21
Username: onthelinux
Password: 741852abc
Targets
Target: 60084e015cce578bcf6175d3af73bce1_JaffaCakes118
Score: 10/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL