General
-
Target
b2b7626d718add3a99a0868a620a8a60_JaffaCakes118
-
Size
212KB
-
Sample
240821-j2l8lasajq
-
MD5
b2b7626d718add3a99a0868a620a8a60
-
SHA1
eeebd601b12adccd673d87d8561d3b8e2709a80f
-
SHA256
7225ad44303d4424a28a5a3bbbcd0d64f08c7bb5edd59966cea570bf3874e73e
-
SHA512
790ef472a2af17630cddbf8f7dbfbe8276c338bc3a48c37c480dda4093406820eda1c2201b424cd69d6a30ed8b6477c1de77b881dd779320bc5f54f42125eb93
-
SSDEEP
6144:HsGO2JG4GpRKnvmb7/D26h/xFb8RQF9jwC/tRvPXbyheAg4ZIjJGe5S:MGOUPURKnvmb7/D26xb8RQF9jwC/TvPo
Static task
static1
Behavioral task
behavioral1
Sample
b2b7626d718add3a99a0868a620a8a60_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
b2b7626d718add3a99a0868a620a8a60_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
b2b7626d718add3a99a0868a620a8a60_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2