General
Target: d68ec8bebe3186ce6f4f9a24a014e73a_JaffaCakes118
Size: 144KB
Sample: 240909-seepnswgqa
MD5: d68ec8bebe3186ce6f4f9a24a014e73a
SHA1: e3e2b9a8ccd8af89523666dfc9a6ec0cdcd90398
SHA256: 1054d870e61e08dfdb27a15edc766fe47683aa7117e080d68d72460869df43cc
SHA512: 3a5b951a29cac3630216497a30a0f4dc2b6ae046757dee2954a8c761e5b5141a457dd9df3449e578fc3582103ec0711c44d3339377d8d89305c4a3ea11f99973
SSDEEP: 3072:LO/RJ7suVBkE0eXrugqMo56N6cz9FVo07bXo+CHanIIPR/:a5J7szJON1z9voUi8P
Static task: static1
Behavioral task: behavioral1
Sample: d68ec8bebe3186ce6f4f9a24a014e73a_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d68ec8bebe3186ce6f4f9a24a014e73a_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Targets
Target: d68ec8bebe3186ce6f4f9a24a014e73a_JaffaCakes118
Score: 7/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Suspicious use of SetThreadContext