General
Target: b57f7afafc40fd8ee8a0312eea4382cd_JaffaCakes118
Size: 154KB
Sample: 240821-3mg5wawhqd
MD5: b57f7afafc40fd8ee8a0312eea4382cd
SHA1: 8ab00b5eb8607c7a04ddc881b2731728ca6a7167
SHA256: f8c1c23ace9dbcc7aec6e9fe47c2dd39ceea452af5d9ba1086e85ad31e93a8c0
SHA512: 1a0c073d0d252302b6ec619f14f25fcf1f470854242c4c25eb9683aec8909f8e481b26df0a4d2f8148dbfba637515c78daa2a2e952dd39e60b1b1e68f34d35f2
SSDEEP: 3072:3+hOPTdZ/ljsHm/svxTuhaCSzaCx0MDi7sfvyEFQimi5WEpk:3QKTdnsvx6SOe0MD4sfvyyBcgk
Static task: static1
Behavioral task: behavioral1
  Sample: b57f7afafc40fd8ee8a0312eea4382cd_JaffaCakes118.exe
  Resource: win7-20240705-en
Behavioral task: behavioral2
  Sample: b57f7afafc40fd8ee8a0312eea4382cd_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: b57f7afafc40fd8ee8a0312eea4382cd_JaffaCakes118
Score: 7/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
- Drops file in System32 directory
- Suspicious use of SetThreadContext