General
Target: c192a4f0185977cccb8028dea32eeb66_JaffaCakes118
Size: 156KB
Sample: 240825-zs574swenr
MD5: c192a4f0185977cccb8028dea32eeb66
SHA1: f47909e79090753c0288badf9d97f4def7aa6bc7
SHA256: db7e28e076bb06ae8c7b0c8e2009f82806763727b4397d1df58d317b2bdc1a1c
SHA512: ffebc71853ad25e87e71688eba34ecc9e6630ca8b7b840a6f39b1e84a692203b974b387217f2ef5ebbb9e84e0ec25980a18e6e738b6aefb7040d2ef1218e280d
SSDEEP: 3072:wUfZ72L2wmM39vJhjmRMKGOMztubDqrmhX1yjdLB4oQZiESD:VR22wmMtRfXZm1gpHW4
Static task: static1
Behavioral task: behavioral1
Sample: c192a4f0185977cccb8028dea32eeb66_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: c192a4f0185977cccb8028dea32eeb66_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: c192a4f0185977cccb8028dea32eeb66_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Defense Evasion
  Hide Artifacts (1)
    Hidden Files and Directories (1)
  Modify Registry (2)