Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
ba480da41b6ec6f00fc0d7caf9f11cb3_JaffaCakes118
-
Size
880KB
-
Sample
240823-emr33swhnm
-
MD5
ba480da41b6ec6f00fc0d7caf9f11cb3
-
SHA1
f924f6baa35057ea88154faed0213c154eadcfa0
-
SHA256
47256456d9897ef71eb4a944fbde08aa388aabb85645b5b79ba6dc0c9a106124
-
SHA512
adfa3b2c264d1bcfa82e2d94187a073905cfe55aa08690a1d9e79d9a6a8bc7fe523e49d8bcbd43beec5ab62e26c558e57e7ff72e46d1aa5973fd77d5a39a0b9f
-
SSDEEP
24576:9+6LCb7OdjFbdRGe9PiuImyEaNCXhgtNz5WhCdSjD4kbQsbq7480/uSUsQ6F:9pnCe9qIeNCqfb4j1bT
Static task
static1
Behavioral task
behavioral1
Sample
ba480da41b6ec6f00fc0d7caf9f11cb3_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
ba480da41b6ec6f00fc0d7caf9f11cb3_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
ba480da41b6ec6f00fc0d7caf9f11cb3_JaffaCakes118
-
Size
880KB
-
MD5
ba480da41b6ec6f00fc0d7caf9f11cb3
-
SHA1
f924f6baa35057ea88154faed0213c154eadcfa0
-
SHA256
47256456d9897ef71eb4a944fbde08aa388aabb85645b5b79ba6dc0c9a106124
-
SHA512
adfa3b2c264d1bcfa82e2d94187a073905cfe55aa08690a1d9e79d9a6a8bc7fe523e49d8bcbd43beec5ab62e26c558e57e7ff72e46d1aa5973fd77d5a39a0b9f
-
SSDEEP
24576:9+6LCb7OdjFbdRGe9PiuImyEaNCXhgtNz5WhCdSjD4kbQsbq7480/uSUsQ6F:9pnCe9qIeNCqfb4j1bT
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-