General
-
Target
c84eaddea738ab53f0d577957be252c6_JaffaCakes118
-
Size
323KB
-
Sample
240829-gdknrayaql
-
MD5
c84eaddea738ab53f0d577957be252c6
-
SHA1
babff72c370a221469ea00d75975ce82860c69df
-
SHA256
eb7d1c36b5beed937341b188d4b174f953348b364d2b726322f7b2de7222052c
-
SHA512
c536d2e392ec58fd92d445e7a4fcc118a3dffc10ca178aec05dfb0d24b89e877eddb490f7fd837a4addd0b19e99e3dea343dce87aeec2063d4b5784775ba8e45
-
SSDEEP
6144:gl+340H7xeCBg3VbraHRi7bsFxmeAqTjhIimf7Nx3AkxENpJBkH1M2:oOP79Bgtwi7wxmeAqT9KBx3AkxENpJqn
Static task
static1
Behavioral task
behavioral1
Sample
c84eaddea738ab53f0d577957be252c6_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
c84eaddea738ab53f0d577957be252c6_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Checks for any installed AV software in registry
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1