Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
82e74d72ee83e2bcf6fd3d72b579d7ef_JaffaCakes118
-
Size
384KB
-
Sample
240802-d76arsydqc
-
MD5
82e74d72ee83e2bcf6fd3d72b579d7ef
-
SHA1
cffeb75143a9de2d64ab8f7faf51fd908dc3adc5
-
SHA256
ad65683420ce84e76f420a2bd927001a70f37dc158449d8fdf8dda16cef38a99
-
SHA512
d4bc70120a3e4cb3940c52819aad79c8fa2a43a35a6946adf563c6f25a80139e43f63e9e607093468a7a48b83be4cd663b5c45cffa62e777c81081fc8b5d70db
-
SSDEEP
6144:Ustj9I2FG6uM4a2TURddDZ23w8QEoKHjWZLKBPvHIWML:CZaxZ2A81vWpaPvO
Static task
static1
Behavioral task
behavioral1
Sample
82e74d72ee83e2bcf6fd3d72b579d7ef_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
82e74d72ee83e2bcf6fd3d72b579d7ef_JaffaCakes118.exe
Resource
win10v2004-20240730-en
Malware Config
Targets
-
-
Target
82e74d72ee83e2bcf6fd3d72b579d7ef_JaffaCakes118
-
Size
384KB
-
MD5
82e74d72ee83e2bcf6fd3d72b579d7ef
-
SHA1
cffeb75143a9de2d64ab8f7faf51fd908dc3adc5
-
SHA256
ad65683420ce84e76f420a2bd927001a70f37dc158449d8fdf8dda16cef38a99
-
SHA512
d4bc70120a3e4cb3940c52819aad79c8fa2a43a35a6946adf563c6f25a80139e43f63e9e607093468a7a48b83be4cd663b5c45cffa62e777c81081fc8b5d70db
-
SSDEEP
6144:Ustj9I2FG6uM4a2TURddDZ23w8QEoKHjWZLKBPvHIWML:CZaxZ2A81vWpaPvO
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2