General
Target: 9fff4fd71e305a6eaff2a46d0d6df6af_JaffaCakes118
Size: 252KB
Sample: 240816-1afeea1gqn
MD5: 9fff4fd71e305a6eaff2a46d0d6df6af
SHA1: 7a46e7b72c6ed05715f33d68955e80e86a6380be
SHA256: 511815e0b9027904181936012a2795d3739d6586dac1775bc8985d0e5db143d3
SHA512: ca6c8234ca3110b7f378550b81e1ea189fdbfaa2056e95f1258d1b5de65695347bdbadd795e3ebe261442e4184ef1864257fd0a161ab7c6b47b41aa9b674cebc
SSDEEP: 6144:6ml7FNnnPbuxN8b7giqR20NGNccko5Knvmb7/D26i02maSTOarRfG:pl7FNnjuxN8cGNccko5Knvmb7/D26i0Y
Static task: static1
Behavioral task: behavioral1
Sample: 9fff4fd71e305a6eaff2a46d0d6df6af_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 9fff4fd71e305a6eaff2a46d0d6df6af_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 9fff4fd71e305a6eaff2a46d0d6df6af_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2