Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
ded897f1b9fea4102bccc21c30fcc797_JaffaCakes118
-
Size
6.1MB
-
Sample
240913-y9p2saxglg
-
MD5
ded897f1b9fea4102bccc21c30fcc797
-
SHA1
94d0f6d39740bf618173e388f739d8625c7e4eb2
-
SHA256
59d77dea7a15139fe6aaaa6a3a16dd315ba7bb8a20153a3d9c5f65d0b9aa7c34
-
SHA512
a7b3f2f315170117ed529919fd5a3fd4fa494ff7ce571dd4a68ac682e6b8cc69723b65e00afd89c9d9411e5345e0e531769dfc9a966ad0e3e2848b0b57947114
-
SSDEEP
98304:oAwzZHd5CU4G9KwYAOujNkIIp/sPuYvko1dup0Wy2k1bRNQLhA4OolahKAHW7rYg:2Zh4GkrAOuqnpEPxvkTb+A9akAHiEg
Behavioral task
behavioral1
Sample
ded897f1b9fea4102bccc21c30fcc797_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
ded897f1b9fea4102bccc21c30fcc797_JaffaCakes118
-
Size
6.1MB
-
MD5
ded897f1b9fea4102bccc21c30fcc797
-
SHA1
94d0f6d39740bf618173e388f739d8625c7e4eb2
-
SHA256
59d77dea7a15139fe6aaaa6a3a16dd315ba7bb8a20153a3d9c5f65d0b9aa7c34
-
SHA512
a7b3f2f315170117ed529919fd5a3fd4fa494ff7ce571dd4a68ac682e6b8cc69723b65e00afd89c9d9411e5345e0e531769dfc9a966ad0e3e2848b0b57947114
-
SSDEEP
98304:oAwzZHd5CU4G9KwYAOujNkIIp/sPuYvko1dup0Wy2k1bRNQLhA4OolahKAHW7rYg:2Zh4GkrAOuqnpEPxvkTb+A9akAHiEg
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-