Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
e05e2c41c5493e63f0ebc8eb77fa0fa0_JaffaCakes118
-
Size
1.3MB
-
Sample
240914-rqxh7ayfjc
-
MD5
e05e2c41c5493e63f0ebc8eb77fa0fa0
-
SHA1
6d01ad62ec1eb602df59312912f4f3727e0ce53b
-
SHA256
c9aef712b2c059d0b9525023a9bebcbbb32d70f1f9fd5d5e759215dbe0cad60f
-
SHA512
989ce3275e7a54ddd1a0f0bbc5a60581f05a47f2ca06c60f024cffa55d713c7953cc5f773e619fe3e0d7d1c99f09434b36196618eb0c1c1bc08d81cf6d67437b
-
SSDEEP
24576:eNPKS3gPa8AQtItMn1SikUxs2p9GkfaMAi1GbZRyzSqiM915x8SKk:Sga8xa1ijxsc9GS1GbZYd5x/N
Static task
static1
Behavioral task
behavioral1
Sample
e05e2c41c5493e63f0ebc8eb77fa0fa0_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e05e2c41c5493e63f0ebc8eb77fa0fa0_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
e05e2c41c5493e63f0ebc8eb77fa0fa0_JaffaCakes118
-
Size
1.3MB
-
MD5
e05e2c41c5493e63f0ebc8eb77fa0fa0
-
SHA1
6d01ad62ec1eb602df59312912f4f3727e0ce53b
-
SHA256
c9aef712b2c059d0b9525023a9bebcbbb32d70f1f9fd5d5e759215dbe0cad60f
-
SHA512
989ce3275e7a54ddd1a0f0bbc5a60581f05a47f2ca06c60f024cffa55d713c7953cc5f773e619fe3e0d7d1c99f09434b36196618eb0c1c1bc08d81cf6d67437b
-
SSDEEP
24576:eNPKS3gPa8AQtItMn1SikUxs2p9GkfaMAi1GbZRyzSqiM915x8SKk:Sga8xa1ijxsc9GS1GbZYd5x/N
Score10/10-
Modifies WinLogon for persistence
-
Modifies WinLogon
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-