General
-
Target
8dc220d9b4d2c1871627d5dbf34f1c6b_JaffaCakes118
-
Size
791KB
-
Sample
240812-hrpejazekp
-
MD5
8dc220d9b4d2c1871627d5dbf34f1c6b
-
SHA1
ae75716ceaf50e60daa3faa335dee4b4bb80f428
-
SHA256
53487547af750c9b525fbfe67cefd8a6c9bbcf333feaead12bce06ac795acd38
-
SHA512
ed837fc74f44b56a532e096775bb2bfa86c7aeaf1ea43789c39f94f0b118f0fd7f570fa4f77d4d6119782ad091e870e5418a8e1acb3097b8cf3985023a74a1ac
-
SSDEEP
24576:3RpNJjMUxuU0QloDzxgeF732uORLqwZ6M71SFuZh:3RpNp5xeQ6xgcLo9YM71Mu
Static task
static1
Behavioral task
behavioral1
Sample
8dc220d9b4d2c1871627d5dbf34f1c6b_JaffaCakes118.dll
Resource
win7-20240708-en
Malware Config
Targets
-
Target
8dc220d9b4d2c1871627d5dbf34f1c6b_JaffaCakes118
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-