Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
73845d9a8687cebd99fb57a0ef9a5c2c_JaffaCakes118
-
Size
328KB
-
Sample
240726-ln231azcpm
-
MD5
73845d9a8687cebd99fb57a0ef9a5c2c
-
SHA1
60c45525a5be8d12d8b2569a3738183ef0f5ee40
-
SHA256
1681ee92966047652046efe9d62c270c3ff2e615f34981db791d59185351de84
-
SHA512
d770a46b46d9f923174a41cd64ccb5542675b75e7bfb8e3026d7d991dff31a31fd9ef74aecabdd6624b5a3d7c97f67dd1e8ad27523dcbf973560f7f14264ce33
-
SSDEEP
6144:Ake4FipkzuKsEo1gr8lciDn7kRQIMTeDxXezjSIX8okH1z6vzhBRDW0v:w4Fipkzufir8eMTeDxXQX5kH1z67h7rv
Static task
static1
Behavioral task
behavioral1
Sample
73845d9a8687cebd99fb57a0ef9a5c2c_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
73845d9a8687cebd99fb57a0ef9a5c2c_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
73845d9a8687cebd99fb57a0ef9a5c2c_JaffaCakes118
-
Size
328KB
-
MD5
73845d9a8687cebd99fb57a0ef9a5c2c
-
SHA1
60c45525a5be8d12d8b2569a3738183ef0f5ee40
-
SHA256
1681ee92966047652046efe9d62c270c3ff2e615f34981db791d59185351de84
-
SHA512
d770a46b46d9f923174a41cd64ccb5542675b75e7bfb8e3026d7d991dff31a31fd9ef74aecabdd6624b5a3d7c97f67dd1e8ad27523dcbf973560f7f14264ce33
-
SSDEEP
6144:Ake4FipkzuKsEo1gr8lciDn7kRQIMTeDxXezjSIX8okH1z6vzhBRDW0v:w4Fipkzufir8eMTeDxXQX5kH1z67h7rv
Score7/10-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-