General
Target: 66ec18b3057f48556df904b9ce17fba8_JaffaCakes118
Size: 118KB
Sample: 240723-kxf2fsxfkd
MD5: 66ec18b3057f48556df904b9ce17fba8
SHA1: b333af179280043650e203c57272472480f7e8ec
SHA256: 8106749b0c6e58b66bc291fb01fdfca0e4da0e2e9c0cc27968b58fad04954a8a
SHA512: c214ac1e1ec4001ffb807d982ab8237f2b0515e31eab345e6e6cb8de0816670ec90065f79d9d31db994eb27baecbfc5c07a6f4019dc191aa27459ec006816b27
SSDEEP: 768:szQYScGrIubHuYtvdxwYHw5FAe2QOncwx8:OQTIubHy5wQOg
Static task: static1
Behavioral task: behavioral1
Sample: 66ec18b3057f48556df904b9ce17fba8_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 66ec18b3057f48556df904b9ce17fba8_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Extracted
Protocol: ftp
Host: ftp.tripod.com
Port: 21
Username: onthelinux
Password: 741852abc
Targets
Target: 66ec18b3057f48556df904b9ce17fba8_JaffaCakes118
Score: 10/10
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL