Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
a97c1a8408dcc1793ce343775162cb6f_JaffaCakes118
-
Size
152KB
-
Sample
240819-egqcassgmd
-
MD5
a97c1a8408dcc1793ce343775162cb6f
-
SHA1
aaf817571ea078fa91a26b59ccb6301c747d34de
-
SHA256
03a68480aae3ecb2791a039cdb9ac512f423d297c31fc9d654db31fd0aee419f
-
SHA512
856fc1edd19e5f7a40cd501dad9b20700e8d333be00e9af7819525bef22edd8b4028223f98c32bc908283e21c06a18ff63fa9c953dd10a0c6cbd36c85ea273c9
-
SSDEEP
3072:GMGuPYYh0ZY++7DxNUbaxIcz93bOButK+Hog:n++7DxVh3bHYg
Static task
static1
Behavioral task
behavioral1
Sample
a97c1a8408dcc1793ce343775162cb6f_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
a97c1a8408dcc1793ce343775162cb6f_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
a97c1a8408dcc1793ce343775162cb6f_JaffaCakes118
-
Size
152KB
-
MD5
a97c1a8408dcc1793ce343775162cb6f
-
SHA1
aaf817571ea078fa91a26b59ccb6301c747d34de
-
SHA256
03a68480aae3ecb2791a039cdb9ac512f423d297c31fc9d654db31fd0aee419f
-
SHA512
856fc1edd19e5f7a40cd501dad9b20700e8d333be00e9af7819525bef22edd8b4028223f98c32bc908283e21c06a18ff63fa9c953dd10a0c6cbd36c85ea273c9
-
SSDEEP
3072:GMGuPYYh0ZY++7DxNUbaxIcz93bOButK+Hog:n++7DxVh3bHYg
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2