Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
66ed109b34c0cb23b2c4eb36cd0b7161_JaffaCakes118
-
Size
327KB
-
Sample
240723-kx8rgaxfmb
-
MD5
66ed109b34c0cb23b2c4eb36cd0b7161
-
SHA1
427aa9f8da4e7c406366bbee48f0b8cd84a532b6
-
SHA256
fda395d06f8185bbca10e3de802ae2e0ce776388ef92a461c93e4d13e2b1a618
-
SHA512
d60c8b2da5d3542f303d788362bba4e3a7513f0c938cb11fbb32be9793cd2836cf06c2960e76caeb07f8464f791ceae30814e0eaece1231992c767dc0ac04724
-
SSDEEP
6144:UySmuzOzapy5X73Cg3LFpNMz4g6BMvIjjVUjfYJRN1y9q:0iak5X7J3g6BMvIjjVUMJRNb
Static task
static1
Behavioral task
behavioral1
Sample
66ed109b34c0cb23b2c4eb36cd0b7161_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
66ed109b34c0cb23b2c4eb36cd0b7161_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
66ed109b34c0cb23b2c4eb36cd0b7161_JaffaCakes118
-
Size
327KB
-
MD5
66ed109b34c0cb23b2c4eb36cd0b7161
-
SHA1
427aa9f8da4e7c406366bbee48f0b8cd84a532b6
-
SHA256
fda395d06f8185bbca10e3de802ae2e0ce776388ef92a461c93e4d13e2b1a618
-
SHA512
d60c8b2da5d3542f303d788362bba4e3a7513f0c938cb11fbb32be9793cd2836cf06c2960e76caeb07f8464f791ceae30814e0eaece1231992c767dc0ac04724
-
SSDEEP
6144:UySmuzOzapy5X73Cg3LFpNMz4g6BMvIjjVUjfYJRN1y9q:0iak5X7J3g6BMvIjjVUMJRNb
Score9/10-
Detected Nirsoft tools
Free utilities often used by attackers which can steal passwords, product keys, etc.
-
NirSoft MailPassView
Password recovery tool for various email clients
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-