Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
66de8e793c5b12fc59e2433a800350bf_JaffaCakes118
-
Size
33KB
-
Sample
240723-klc6esxgmq
-
MD5
66de8e793c5b12fc59e2433a800350bf
-
SHA1
7b22fca3d9b793ec6b41847a252d0af779d0970d
-
SHA256
56fc71f92fd431be7506a8c2d5aeef7bad9ddc70471cfb1f68c3fcc4c4f90e0a
-
SHA512
f068e58ab7d081e82bd5fa7cffe6eb67cab2ab9fbf5f117322b9c6e846b2175439b008871946159b7b0d34fe3776983a265e71b5423034104c3da8db1d7be5b7
-
SSDEEP
768:cyTq5KLMqsOj6LGkD19/wwlP8/DXfvbOUDp8leGs3nStS0v:zScMeWLGkD19/wwqrX97GO2t
Static task
static1
Behavioral task
behavioral1
Sample
66de8e793c5b12fc59e2433a800350bf_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
66de8e793c5b12fc59e2433a800350bf_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
66de8e793c5b12fc59e2433a800350bf_JaffaCakes118
-
Size
33KB
-
MD5
66de8e793c5b12fc59e2433a800350bf
-
SHA1
7b22fca3d9b793ec6b41847a252d0af779d0970d
-
SHA256
56fc71f92fd431be7506a8c2d5aeef7bad9ddc70471cfb1f68c3fcc4c4f90e0a
-
SHA512
f068e58ab7d081e82bd5fa7cffe6eb67cab2ab9fbf5f117322b9c6e846b2175439b008871946159b7b0d34fe3776983a265e71b5423034104c3da8db1d7be5b7
-
SSDEEP
768:cyTq5KLMqsOj6LGkD19/wwlP8/DXfvbOUDp8leGs3nStS0v:zScMeWLGkD19/wwqrX97GO2t
Score10/10-
Modifies WinLogon for persistence
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Deletes itself
-
Loads dropped DLL
-
Drops file in System32 directory
-