Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
f653945662ad61108c61c654f473b4d7_JaffaCakes118
-
Size
99KB
-
Sample
240925-s3f8eawgmc
-
MD5
f653945662ad61108c61c654f473b4d7
-
SHA1
f29fc3bbaebcea2752e247b317ca582d51715c9d
-
SHA256
462d7f464400677a6c746363e9b64895442a24dcb8a4b951609dce3aa635a0b9
-
SHA512
0842972831a6b9508f870b3a194b9fcfbad3565f533066a193553a4a07d1b1db96493dbbe702b9f75b78f8d0671082d1f59756bdd825283abb921cc491d1f67c
-
SSDEEP
3072:BixUnJoxphJ7dGz8K5uFd5Y7+CVukbkmJjbux7i9:BixqoxL1HKEFG
Static task
static1
Behavioral task
behavioral1
Sample
f653945662ad61108c61c654f473b4d7_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
f653945662ad61108c61c654f473b4d7_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
f653945662ad61108c61c654f473b4d7_JaffaCakes118
-
Size
99KB
-
MD5
f653945662ad61108c61c654f473b4d7
-
SHA1
f29fc3bbaebcea2752e247b317ca582d51715c9d
-
SHA256
462d7f464400677a6c746363e9b64895442a24dcb8a4b951609dce3aa635a0b9
-
SHA512
0842972831a6b9508f870b3a194b9fcfbad3565f533066a193553a4a07d1b1db96493dbbe702b9f75b78f8d0671082d1f59756bdd825283abb921cc491d1f67c
-
SSDEEP
3072:BixUnJoxphJ7dGz8K5uFd5Y7+CVukbkmJjbux7i9:BixqoxL1HKEFG
Score7/10-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of SetThreadContext
-