General
Target: f5501c4c5c8c992377780a9ff8c2d62f_JaffaCakes118
Size: 1.1MB
Sample: 240925-gdfpssxhql
MD5: f5501c4c5c8c992377780a9ff8c2d62f
SHA1: dc58697bb7c96951d6969927d25a8332aab712f3
SHA256: c1bcfd4ab16809241ea602e18ec2405738ab56f54718a24367d2e01fff52a103
SHA512: 28d8659f46c107dae5d26101f42c98201d5608c9d5bc57f0f22319ff14ced407614821602ae036bbbaf8bdfc2bdbb499a057cc141d3376c437d0f9baa2c7f85e
SSDEEP: 24576:kUJa8KHWN7lQnMzhDncVo68OzXJHEYWBkGfDbJ06FYMFp:JlWWZQ0GrZHEFrLbJ0WH
Static task: static1
Behavioral task: behavioral1
  Sample: f5501c4c5c8c992377780a9ff8c2d62f_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: f5501c4c5c8c992377780a9ff8c2d62f_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
Score: 7/10
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Credential Access
  Credentials from Password Stores (1)
    Credentials from Web Browsers (1)
  Unsecured Credentials (1)
    Credentials In Files (1)