General
Target: cf592057377cb88d0bc95a377b8fd9a9_JaffaCakes118
Size: 690KB
Sample: 240906-mmcmds1fjp
MD5: cf592057377cb88d0bc95a377b8fd9a9
SHA1: 5d34b78e1d917eab35ecba32788bebea4da7388b
SHA256: 9505ea27895537dcb6c2488b2eee6c0b68b35747eb5b362ca6c4888fb9b115dd
SHA512: 95a0e9eb7be4d85214ecb5db4bf04d8b573348c0d73ae89cd48943e74f3cb79f812c2448e4372fb5fcc76a8700d77d7b9aa1bc8c2b437cd28615faca5a0a07dd
SSDEEP: 12288:y3JKjAhROhOtGsgyZXVSfbJXE+nc6cf8zL4XpYyDvQo2bNvL:y3KAhRygZXkyf8Ysbh
Behavioral task: behavioral1
Sample: cf592057377cb88d0bc95a377b8fd9a9_JaffaCakes118.dll
Resource: win7-20240903-en
Malware Config
Targets
Target: cf592057377cb88d0bc95a377b8fd9a9_JaffaCakes118
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Suspicious use of NtSetInformationThreadHideFromDebugger