Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
dbe5b02bcc3f7238efa012861d6e6ed9_JaffaCakes118
-
Size
1.3MB
-
Sample
240912-f7s2jstcmj
-
MD5
dbe5b02bcc3f7238efa012861d6e6ed9
-
SHA1
c7882c9e7132539cd1287a32ed75f43f453bf68d
-
SHA256
a53f12411a706313d31820f4175c7ecd18c226eac90dcb052ee72932e1b6a880
-
SHA512
5ebc20be6854f471f09daf7cf649f7082328fae0817f52d63dc6c5ddd7cabf6019f76761c235d01942642254fd3c4e1f7a165ebc36c65a30f40b5e123f98ae5f
-
SSDEEP
24576:4VpuZhaxt/BG6ZptcHm015CvA6BJlEcdLIdYFd:4VpuZUddjted18v5PUCn
Static task
static1
Behavioral task
behavioral1
Sample
dbe5b02bcc3f7238efa012861d6e6ed9_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
dbe5b02bcc3f7238efa012861d6e6ed9_JaffaCakes118
-
Size
1.3MB
-
MD5
dbe5b02bcc3f7238efa012861d6e6ed9
-
SHA1
c7882c9e7132539cd1287a32ed75f43f453bf68d
-
SHA256
a53f12411a706313d31820f4175c7ecd18c226eac90dcb052ee72932e1b6a880
-
SHA512
5ebc20be6854f471f09daf7cf649f7082328fae0817f52d63dc6c5ddd7cabf6019f76761c235d01942642254fd3c4e1f7a165ebc36c65a30f40b5e123f98ae5f
-
SSDEEP
24576:4VpuZhaxt/BG6ZptcHm015CvA6BJlEcdLIdYFd:4VpuZUddjted18v5PUCn
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry
1Subvert Trust Controls
1Install Root Certificate
1Virtualization/Sandbox Evasion
2