Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
affad6a6c657608f7ac958e38bcecc02_JaffaCakes118
-
Size
261KB
-
Sample
240820-t2a6fascmf
-
MD5
affad6a6c657608f7ac958e38bcecc02
-
SHA1
2d078abf6c184ad210d4a65028c81169082764aa
-
SHA256
af88f6d760aadb2386f20cc906940eadcd7f48df3ad444cd78e1ae6aa77ef1a5
-
SHA512
9e21ca5b297cbbb324a472bc9f92d6165344261faafceb2e6bec573a045a03d8f8b44019ad328dc5cb031a762417aa716fdd644ad779d652eae236b1d6f428bd
-
SSDEEP
3072:DkHJ32fINj+uSLiZWzANhiR3rpIdcEW6BExUm9EKUc/wdN6krLz1Xxek9Ao32niG:DPfWiFiZziR3r/EUU4EhzrLBXxzAo4p
Static task
static1
Behavioral task
behavioral1
Sample
affad6a6c657608f7ac958e38bcecc02_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
affad6a6c657608f7ac958e38bcecc02_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
affad6a6c657608f7ac958e38bcecc02_JaffaCakes118
-
Size
261KB
-
MD5
affad6a6c657608f7ac958e38bcecc02
-
SHA1
2d078abf6c184ad210d4a65028c81169082764aa
-
SHA256
af88f6d760aadb2386f20cc906940eadcd7f48df3ad444cd78e1ae6aa77ef1a5
-
SHA512
9e21ca5b297cbbb324a472bc9f92d6165344261faafceb2e6bec573a045a03d8f8b44019ad328dc5cb031a762417aa716fdd644ad779d652eae236b1d6f428bd
-
SSDEEP
3072:DkHJ32fINj+uSLiZWzANhiR3rpIdcEW6BExUm9EKUc/wdN6krLz1Xxek9Ao32niG:DPfWiFiZziR3r/EUU4EhzrLBXxzAo4p
Score8/10-
Event Triggered Execution: AppCert DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppCert DLLs loaded into processes.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-