Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
aafa209f2e54ede4c6b13969d852cf98_JaffaCakes118
-
Size
1.3MB
-
Sample
240819-pd81cawhmr
-
MD5
aafa209f2e54ede4c6b13969d852cf98
-
SHA1
9f001870f43fe2f107c11212b4d1b916d50cdd4b
-
SHA256
630afea181b3cee4e3ad4ddc6f3e3d9bad277dadf75002a020529e553d45488a
-
SHA512
b98908af30841d2b054b23a38fc8b646a8784c1d88df37722d730dafd687346b04eb4b4ae4f01320e15b554c3855a315adad04c25451316858c40fc0c4c34287
-
SSDEEP
24576:vK9mfgoKvASnt3LBDal8Xw00Rt8YpMgYtC:w2Intt+OEdMg
Static task
static1
Behavioral task
behavioral1
Sample
aafa209f2e54ede4c6b13969d852cf98_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
aafa209f2e54ede4c6b13969d852cf98_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
aafa209f2e54ede4c6b13969d852cf98_JaffaCakes118
-
Size
1.3MB
-
MD5
aafa209f2e54ede4c6b13969d852cf98
-
SHA1
9f001870f43fe2f107c11212b4d1b916d50cdd4b
-
SHA256
630afea181b3cee4e3ad4ddc6f3e3d9bad277dadf75002a020529e553d45488a
-
SHA512
b98908af30841d2b054b23a38fc8b646a8784c1d88df37722d730dafd687346b04eb4b4ae4f01320e15b554c3855a315adad04c25451316858c40fc0c4c34287
-
SSDEEP
24576:vK9mfgoKvASnt3LBDal8Xw00Rt8YpMgYtC:w2Intt+OEdMg
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-