General
Target: 7799429f48e965004cd1df9abaea60d9_JaffaCakes118
Size: 150KB
Sample: 240727-kzmxsasbqf
MD5: 7799429f48e965004cd1df9abaea60d9
SHA1: b2261bdc6f9c51c443706be6c261dd4fcf53e963
SHA256: 6dee1b05c0a53726ec4d0243bd85e5bc64873a41750fb23dbf70fdfb34c7adf3
SHA512: 14a19436ce40c1caadee7b2fd76e85ea46df426a8e74587a7fc00812c318cfc4753b25c538e9b7cb5e74b48604d1bcced291ec987b4499f4c0046098d6d0a32e
SSDEEP: 3072:0bm2raYSiJhEynrGbVPJJocLVoCawzoxfWBSlxXwF5lk+K8Ubtv:qmyEyrYVPJJpLvavWBAxXw3lf4
Static task: static1
Behavioral task: behavioral1
Sample: 7799429f48e965004cd1df9abaea60d9_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 7799429f48e965004cd1df9abaea60d9_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: 7799429f48e965004cd1df9abaea60d9_JaffaCakes118
Score: 10/10
- Modifies WinLogon for persistence
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
- Suspicious use of SetThreadContext