General
-
Target
8803ee70ef14e5c6528fe48b25eac7a0_JaffaCakes118
-
Size
100KB
-
Sample
240810-2x6qjsselm
-
MD5
8803ee70ef14e5c6528fe48b25eac7a0
-
SHA1
48811bc34ed42d6920633135e4758fd5a8fb05b9
-
SHA256
191f2f5f919df71e8401629bb722e269ce1341f3e3d60edf3ae63c19eb3805b8
-
SHA512
776d120af4d4feab6675c66e359c0eee8161d61070ca294b434a8359798bf7df4ce61773101370ba9530b6e6c0e9fe4d587de58ee29977df9aebaac63b02f6de
-
SSDEEP
1536:mLt0W/82NTdwRgLGZcYADZPU1+73BD88b0nyLNIjnZrJ:YwxgZPUQJLCnlJ
Static task
static1
Behavioral task
behavioral1
Sample
8803ee70ef14e5c6528fe48b25eac7a0_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
8803ee70ef14e5c6528fe48b25eac7a0_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
8803ee70ef14e5c6528fe48b25eac7a0_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution 1
Registry Run Keys / Startup Folder 1
Defense Evasion
Hide Artifacts 1
Hidden Files and Directories 1
Modify Registry 2