Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
68a39f2f1197a300cbebe7846d20819e_JaffaCakes118
-
Size
365KB
-
Sample
240723-ya2arstfpl
-
MD5
68a39f2f1197a300cbebe7846d20819e
-
SHA1
5af537bfde3a6f733ad1abab772049afd948e47e
-
SHA256
014235c5be3a174f645cf24f181b180505275aea25ca4952ef9117284e275ce3
-
SHA512
24a8f52e587df0627abe6c79a83c1f0639deef1c1572c0f5e9273d0799cecdb0def2b708bb7a60c675f96f2efee1301a1e3bface245e6fb8cab1febcb088efe9
-
SSDEEP
6144:hw5byKQwt9zcnrlMCItHZ3vHCbWnVW5GJZ2tNYLj8Mfs7uDlRIz:hw57JzcrG/KyVzYKj86saDX6
Static task
static1
Behavioral task
behavioral1
Sample
68a39f2f1197a300cbebe7846d20819e_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
68a39f2f1197a300cbebe7846d20819e_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
68a39f2f1197a300cbebe7846d20819e_JaffaCakes118
-
Size
365KB
-
MD5
68a39f2f1197a300cbebe7846d20819e
-
SHA1
5af537bfde3a6f733ad1abab772049afd948e47e
-
SHA256
014235c5be3a174f645cf24f181b180505275aea25ca4952ef9117284e275ce3
-
SHA512
24a8f52e587df0627abe6c79a83c1f0639deef1c1572c0f5e9273d0799cecdb0def2b708bb7a60c675f96f2efee1301a1e3bface245e6fb8cab1febcb088efe9
-
SSDEEP
6144:hw5byKQwt9zcnrlMCItHZ3vHCbWnVW5GJZ2tNYLj8Mfs7uDlRIz:hw57JzcrG/KyVzYKj86saDX6
Score6/10-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of SetThreadContext
-