General
Target: be5b87e0bb953a1ab3496cf6f7fb5897_JaffaCakes118
Size: 62KB
Sample: 240824-l2dybsvckd
MD5: be5b87e0bb953a1ab3496cf6f7fb5897
SHA1: a6aa09fa8b71a3951911b521e34435093ebd39ec
SHA256: 444d3e227591e251b3114bee41ac0b14627d3e4aebcc84749bab77316c631bd0
SHA512: b93828b41153b217d456de5758c84cb70a2b9ef212494270530f9157afcc29dd7d068cd66aaa305dd5301c460e3662434696d73d61d562b949f0f72755940e74
SSDEEP: 768:hEDHCnRXpBeLqa0FBh14k7iZLZx4J7W8XmXNBlNDFX7fq/vdqx03weoSb03xd:lRXpBeU6n4PYB7l7oV0S8
Static task: static1
Behavioral task: behavioral1
Sample: be5b87e0bb953a1ab3496cf6f7fb5897_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: be5b87e0bb953a1ab3496cf6f7fb5897_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: be5b87e0bb953a1ab3496cf6f7fb5897_JaffaCakes118
Score: 10/10
Modifies WinLogon for persistence
Adds Run key to start application
Drops desktop.ini file(s)
Modifies WinLogon
Suspicious use of SetThreadContext