General
Target: a1457583100181705617dabaf927fc14_JaffaCakes118
Size: 258KB
Sample: 240817-fk77ysyblc
MD5: a1457583100181705617dabaf927fc14
SHA1: 88cdfa7cd8f2f2122b37e8927ab9d7df769027bb
SHA256: 176e869fd27e7c0cc7fd792d3575963263e78ad778e79dbe3d5e2320ee57bd4d
SHA512: 3617a3fff7402cea4cb890a6d6b190fc347360a4d42011c03f75170b7f3ad1269018c06c27ebdc8cdfd5cb10afe42ec55b3454bf5aa212988111021e7487126d
SSDEEP: 6144:aAZwSS8IhmjRFbNSBg0nr6LyaEnr6Lya:aAZtS8RS9nrvnr
Static task: static1
Behavioral task: behavioral1
  Sample: a1457583100181705617dabaf927fc14_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: a1457583100181705617dabaf927fc14_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
Malware Config
Extracted
Protocol: ftp
Host: ftpperso.free.fr
Port: 21
Username: msnpromo
Password: celine
Targets
Target: a1457583100181705617dabaf927fc14_JaffaCakes118
Score: 10/10

Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.

Checks computer location settings
Looks up country code configured in the registry, likely geofence.