Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
e0744038880667761186b8e91bb9d1a8_JaffaCakes118
-
Size
519KB
-
Sample
240914-smrzza1clg
-
MD5
e0744038880667761186b8e91bb9d1a8
-
SHA1
d0aa99d32bb0f907a8c16b390a2a94437ad1241d
-
SHA256
65a6403827fc50edf22feeb81f15b0781fe2764d6ce6dc1f1f59e193d80c5db5
-
SHA512
d4a9e1e11d695f7ee4cd4d839192bb1845915bdc53cbac62f2e6c84bd0b37cda575fe33cbaa5488ec5f706b4ab79a73843504d006bcf55aa233826ec08464c96
-
SSDEEP
12288:zjAbupHjKTkzBOID1zpdEWdit1YqYqi+/lDE2On8dr:zjAboKTQl/otKEi+9JOn8dr
Static task
static1
Behavioral task
behavioral1
Sample
e0744038880667761186b8e91bb9d1a8_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
e0744038880667761186b8e91bb9d1a8_JaffaCakes118
-
Size
519KB
-
MD5
e0744038880667761186b8e91bb9d1a8
-
SHA1
d0aa99d32bb0f907a8c16b390a2a94437ad1241d
-
SHA256
65a6403827fc50edf22feeb81f15b0781fe2764d6ce6dc1f1f59e193d80c5db5
-
SHA512
d4a9e1e11d695f7ee4cd4d839192bb1845915bdc53cbac62f2e6c84bd0b37cda575fe33cbaa5488ec5f706b4ab79a73843504d006bcf55aa233826ec08464c96
-
SSDEEP
12288:zjAbupHjKTkzBOID1zpdEWdit1YqYqi+/lDE2On8dr:zjAboKTQl/otKEi+9JOn8dr
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry
1Subvert Trust Controls
1Install Root Certificate
1Virtualization/Sandbox Evasion
1