Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
dd1c56f48b4c085f72e4461e8887d2b6_JaffaCakes118
-
Size
91KB
-
Sample
240912-1nxwlswgkp
-
MD5
dd1c56f48b4c085f72e4461e8887d2b6
-
SHA1
c5448e37a799ba30ba50f7b533e5fafe56a5c311
-
SHA256
317a8c0d5c7125c48a31b968245c20dbe73387e1a660231022f967819c0df385
-
SHA512
d6c7368bc613cc59b51754a99702f7172dfdcbf8eb0845c5d37b73235586e9e93944e9fcd6c6530bf9c4d351e1d3823bd6522894ff359a032890700875e0fff9
-
SSDEEP
1536:4SSS+7f0OYCciVcnhhfN8WFHevNj2g8m0ixW2IMjSO53Sb6qZu4:4B3MLxZnH18OHG2w0avtSy3M6qZu4
Static task
static1
Behavioral task
behavioral1
Sample
dd1c56f48b4c085f72e4461e8887d2b6_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
dd1c56f48b4c085f72e4461e8887d2b6_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
dd1c56f48b4c085f72e4461e8887d2b6_JaffaCakes118
-
Size
91KB
-
MD5
dd1c56f48b4c085f72e4461e8887d2b6
-
SHA1
c5448e37a799ba30ba50f7b533e5fafe56a5c311
-
SHA256
317a8c0d5c7125c48a31b968245c20dbe73387e1a660231022f967819c0df385
-
SHA512
d6c7368bc613cc59b51754a99702f7172dfdcbf8eb0845c5d37b73235586e9e93944e9fcd6c6530bf9c4d351e1d3823bd6522894ff359a032890700875e0fff9
-
SSDEEP
1536:4SSS+7f0OYCciVcnhhfN8WFHevNj2g8m0ixW2IMjSO53Sb6qZu4:4B3MLxZnH18OHG2w0avtSy3M6qZu4
Score7/10-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory
-