General
Target: d14f38c8f194dffb959be32c3ee1f400_JaffaCakes118
Size: 156KB
Sample: 240907-hg11kszerj
MD5: d14f38c8f194dffb959be32c3ee1f400
SHA1: 01e3c689f2e32d73b87180ca03927478a7343aeb
SHA256: 556a14c7d440363d4eea1d1671f8b57425bdeb7ed3564e37476a0429c55643ac
SHA512: 0123270ec0b60e009afa350eb04293955d28d7b89e6b5b5bf2e0e3f58ae31abc0d64d91bb1e60d8fc928fe48edd60e780d29816bc2be249436c2d2afd6aa14d0
SSDEEP: 3072:7vo0k5Edu3kSESulCVRgQPwU3MppI1zePMThBN4oQZiEYxN:Doku3ESul9LI1zeEhZWaT
Static task: static1
Behavioral task: behavioral1
  Sample: d14f38c8f194dffb959be32c3ee1f400_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: d14f38c8f194dffb959be32c3ee1f400_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: d14f38c8f194dffb959be32c3ee1f400_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
Defense Evasion
  Hide Artifacts: 1
    Hidden Files and Directories: 1
  Modify Registry: 2