General
Target: 0177e67dfee61f990472e22859b9caee_JaffaCakes118
Size: 182KB
Sample: 240727-2h8atsvgnb
MD5: 0177e67dfee61f990472e22859b9caee
SHA1: a7b06f425a6d77af315de240f78073064cdd3d38
SHA256: 2dabd77f0095c4f8856142c94f41561f4484b8fe7ad0daa012bb98024f1b695a
SHA512: 997e87e05c0703fb8880429f2875ef99bff84a116e099dafa92cc2602850c686bdda28fb36a5eb92c701bf87ca40c96ea27a9dace3bbf7cf3facfc66a4dae727
SSDEEP: 768:r/5inm+cd5rHemPXkqUEphjVuvios1rPr4adL0NqlJMU60+ppQ1TTGfLTb:rRsvcdcQjosnvnZ6LQ1E3
Static task
static1
Behavioral task
behavioral1
Sample: 0177e67dfee61f990472e22859b9caee_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task
behavioral2
Sample: 0177e67dfee61f990472e22859b9caee_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Extracted
Protocol: ftp
Host: ftp.tripod.com
Port: 21
Username: griptoloji
Password: 741852
Targets
Target: 0177e67dfee61f990472e22859b9caee_JaffaCakes118
Score: 10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL