General
-
Target
c0bfd5815314d93f01b02766f3aa6e78_JaffaCakes118
-
Size
658KB
-
Sample
240825-pp14wawbrl
-
MD5
c0bfd5815314d93f01b02766f3aa6e78
-
SHA1
22eb36e422de7d29ca7e573400216395f5a17c5b
-
SHA256
7e92f6b7fc73b2cae02badc9be25643d0e4f2b1599d9b27d6af3cbabdfa70beb
-
SHA512
bd93548be44d75ee1ae5391d94619a7051ddcf17e00ccd96b72c5ca88e5988321f96320ad48b8d32bcd1718c140ce24e3854c673258c6a30b55ac21129b9b943
-
SSDEEP
12288:aalFG/FRwYkK19iOCr+TMoO30mYn0YaAsGpQ33M5DKTrH5fzQ2O:VFGQK19iOCr+TMoO30mYn0YaAsl33M5J
Static task
static1
Behavioral task
behavioral1
Sample
c0bfd5815314d93f01b02766f3aa6e78_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
c0bfd5815314d93f01b02766f3aa6e78_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
c0bfd5815314d93f01b02766f3aa6e78_JaffaCakes118
-
Score
8/10
-
Server Software Component: Terminal Services DLL
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Drops file in System32 directory
-