General
-
Target
b2fc9bf4a5a172d594e368f10c4373a0_JaffaCakes118
-
Size
124KB
-
Sample
240821-lsg9dsvgrm
-
MD5
b2fc9bf4a5a172d594e368f10c4373a0
-
SHA1
7ee335aeb12966e4b80486a632dfac8d635045b1
-
SHA256
ac9cb2e8185716a154b0ea7abf851704f269f836fc98733ae1463fad65425dcb
-
SHA512
0f65b4386ef765761ab2714c293185e691e6ad7a227f6c224a26162c93c3b6915db78fa306284e85754879276c30328d34f03e27b83b7068885c1966b99e09f5
-
SSDEEP
1536:Prtkj2TQkUU0GgAJa0P1kNmKldCMhdu8KWP/nTn8nBP9Ve+NeG0h/x:Zkj9kUU0GgAT92p
Static task
static1
Behavioral task
behavioral1
Sample
b2fc9bf4a5a172d594e368f10c4373a0_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
b2fc9bf4a5a172d594e368f10c4373a0_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
b2fc9bf4a5a172d594e368f10c4373a0_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2