Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
a6f0550cb2fbfe90563cf4f8426cda6e_JaffaCakes118
-
Size
728KB
-
Sample
240818-rc4ekszcmm
-
MD5
a6f0550cb2fbfe90563cf4f8426cda6e
-
SHA1
dd15b140c78bf4854741ee9f41953f21b9f272ba
-
SHA256
2e42d12c7196da8ec30cc6431c4dbb9e64c8b5322782038a7e7e5f6498be4169
-
SHA512
86634c6c1b0f1230103e022e3c2a28b4e35dd7bc976e06ac8837ed3179c0b065552482f00ed47254909fc50139806b3aa52586766f570581c2461c070b1ac2e3
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbXF/meGDgGeItoEc9GspWZhASRXHYnrmOM:lEc8H5fMLN2Kb7FrGlFtov9GsqRXHYr8
Static task
static1
Behavioral task
behavioral1
Sample
a6f0550cb2fbfe90563cf4f8426cda6e_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
a6f0550cb2fbfe90563cf4f8426cda6e_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
a6f0550cb2fbfe90563cf4f8426cda6e_JaffaCakes118
-
Size
728KB
-
MD5
a6f0550cb2fbfe90563cf4f8426cda6e
-
SHA1
dd15b140c78bf4854741ee9f41953f21b9f272ba
-
SHA256
2e42d12c7196da8ec30cc6431c4dbb9e64c8b5322782038a7e7e5f6498be4169
-
SHA512
86634c6c1b0f1230103e022e3c2a28b4e35dd7bc976e06ac8837ed3179c0b065552482f00ed47254909fc50139806b3aa52586766f570581c2461c070b1ac2e3
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbXF/meGDgGeItoEc9GspWZhASRXHYnrmOM:lEc8H5fMLN2Kb7FrGlFtov9GsqRXHYr8
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1