Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
d618021c4112dbf5dc27edecee86caaf_JaffaCakes118
-
Size
671KB
-
Sample
240909-l3crnavdmg
-
MD5
d618021c4112dbf5dc27edecee86caaf
-
SHA1
73ae042173640e7ffe120c21d000d09f929735f5
-
SHA256
15ff2ffffc467260699527f715a8b394a5218f4d9fbbfc657d8450bb9ede4ac8
-
SHA512
b820062e6a5d47becfc1f90f57df3c95c29b63650288eb1b3524ba5aa76dd4bdb3870d97b4349bbfdf50897220549e45ba5325bf562b33671ebede4a5931d7f1
-
SSDEEP
12288:SZJ7G1zskWtP44444ItPZkTKpPwHb/dgusOlMLSTQNirbCfrL6i:qJ7Uzj4yUo7Fdle8WIbCL6i
Static task
static1
Behavioral task
behavioral1
Sample
d618021c4112dbf5dc27edecee86caaf_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
d618021c4112dbf5dc27edecee86caaf_JaffaCakes118
-
Size
671KB
-
MD5
d618021c4112dbf5dc27edecee86caaf
-
SHA1
73ae042173640e7ffe120c21d000d09f929735f5
-
SHA256
15ff2ffffc467260699527f715a8b394a5218f4d9fbbfc657d8450bb9ede4ac8
-
SHA512
b820062e6a5d47becfc1f90f57df3c95c29b63650288eb1b3524ba5aa76dd4bdb3870d97b4349bbfdf50897220549e45ba5325bf562b33671ebede4a5931d7f1
-
SSDEEP
12288:SZJ7G1zskWtP44444ItPZkTKpPwHb/dgusOlMLSTQNirbCfrL6i:qJ7Uzj4yUo7Fdle8WIbCL6i
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry
1Subvert Trust Controls
1Install Root Certificate
1Virtualization/Sandbox Evasion
1