Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
b3374be854f03297523727b7a7396b30_JaffaCakes118
-
Size
348KB
-
Sample
240821-m6gepavdjg
-
MD5
b3374be854f03297523727b7a7396b30
-
SHA1
4312ac92056856520d022b333da5bc29b3e82ebb
-
SHA256
d897b4a0542f45302a7d731a79297f4cdc1af581a95656ddf796db32de17e11e
-
SHA512
be7e0c602bbf318705493c62ffa244c2687f1a04b7ddceb9f8b1b4b2f3bdc1ef9426c72361a786fe2802c75d380cbf3d6a4a9a2a55b110f476fa647b3a402556
-
SSDEEP
6144:ocN+oSW1raujBY+pSAojOfgVqlEE1kOxq8JBC2AcBQPk:tco9VBpSAojOf8iVJBBAcB
Static task
static1
Behavioral task
behavioral1
Sample
b3374be854f03297523727b7a7396b30_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
b3374be854f03297523727b7a7396b30_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
b3374be854f03297523727b7a7396b30_JaffaCakes118
-
Size
348KB
-
MD5
b3374be854f03297523727b7a7396b30
-
SHA1
4312ac92056856520d022b333da5bc29b3e82ebb
-
SHA256
d897b4a0542f45302a7d731a79297f4cdc1af581a95656ddf796db32de17e11e
-
SHA512
be7e0c602bbf318705493c62ffa244c2687f1a04b7ddceb9f8b1b4b2f3bdc1ef9426c72361a786fe2802c75d380cbf3d6a4a9a2a55b110f476fa647b3a402556
-
SSDEEP
6144:ocN+oSW1raujBY+pSAojOfgVqlEE1kOxq8JBC2AcBQPk:tco9VBpSAojOf8iVJBBAcB
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-