General
Target: db73c1d6a608da427db152e5a9f293dc_JaffaCakes118
Size: 507KB
Sample: 240911-3zycmazhla
MD5: db73c1d6a608da427db152e5a9f293dc
SHA1: 983bd31b65f6de221ffcf99eb7cd854af975758b
SHA256: 44826422830a9dbdb47a8ae7b65e05dfda9c3ae44c20e9080e4b3b4a1f6ac445
SHA512: a20e76805c47b29361a133cd06511186ceee57b48378a35f4791cda2651779ee2d91fa49e8ede6076da399b9f6239fa832337ddb1aebe75361d9aea581e3ea6d
SSDEEP: 12288:wlxpL3PJ2qP7r9r/+ppppppppppppppppppppppppppppp0Gm:Yxp1X1qm
Behavioral task: behavioral1
Sample: db73c1d6a608da427db152e5a9f293dc_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: db73c1d6a608da427db152e5a9f293dc_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: db73c1d6a608da427db152e5a9f293dc_JaffaCakes118
Score: 10/10
- Quasar payload
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.