Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
f698c6d2b73741768a2b930fbb0b7540_JaffaCakes118
-
Size
157KB
-
Sample
240925-wz1peszemj
-
MD5
f698c6d2b73741768a2b930fbb0b7540
-
SHA1
5b7932a703b2e66548922f87a01397c43655eb1a
-
SHA256
2e2c4f0b86fad63954a35b6ddcf7904dffac25e3b7d547fb0c393b73620b4dc1
-
SHA512
72b319ad1c6b7b0d7cd6c51c7ecf1bb9bde30dbd161d3a981e96161a8df76bba1e3bdf7617104e74ad9108dcf56a70fe25742df2315735a7e28f579698680f96
-
SSDEEP
3072:sr85CHkBY9bHb5gLQpBKel6pFLXjIavJA:k9HkB8HdgMp8ZpFLXMb
Behavioral task
behavioral1
Sample
f698c6d2b73741768a2b930fbb0b7540_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
f698c6d2b73741768a2b930fbb0b7540_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
f698c6d2b73741768a2b930fbb0b7540_JaffaCakes118
-
Size
157KB
-
MD5
f698c6d2b73741768a2b930fbb0b7540
-
SHA1
5b7932a703b2e66548922f87a01397c43655eb1a
-
SHA256
2e2c4f0b86fad63954a35b6ddcf7904dffac25e3b7d547fb0c393b73620b4dc1
-
SHA512
72b319ad1c6b7b0d7cd6c51c7ecf1bb9bde30dbd161d3a981e96161a8df76bba1e3bdf7617104e74ad9108dcf56a70fe25742df2315735a7e28f579698680f96
-
SSDEEP
3072:sr85CHkBY9bHb5gLQpBKel6pFLXjIavJA:k9HkB8HdgMp8ZpFLXMb
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-