General
Target: dcaf6598dca41cc9a2c027da0f01d301_JaffaCakes118
Size: 132KB
Sample: 240912-vreljsvfld
MD5: dcaf6598dca41cc9a2c027da0f01d301
SHA1: 23e9352a41f991a478485c43f8ce603620fa2080
SHA256: f2f63c603fccf0583b012ef2dcefad299d462731a27e08ac8e1fe27a4e47b9b8
SHA512: 515e5848f276ef6a7ed7bd52ae01e4f7d61587e0b54c411f6ae43ad52c13f00985a3df7683725a01b3972535522c5ea1d07a7a02ff10d27dd558c50e9cd16176
SSDEEP: 3072:lwRPXEcBrPf9HU9Oki6DX37fAV4oQZiEqVD:lSPXEcBrPFHU9Ok7rfMWgx
Static task: static1
Behavioral task: behavioral1
  Sample: dcaf6598dca41cc9a2c027da0f01d301_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: dcaf6598dca41cc9a2c027da0f01d301_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: dcaf6598dca41cc9a2c027da0f01d301_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Defense Evasion
  Hide Artifacts (1)
    Hidden Files and Directories (1)
  Modify Registry (2)