General
Target: fa0ffd54f456883943a7adb6ba4d61db_JaffaCakes118
Size: 882KB
Sample: 240927-kcp4mawfpf
MD5: fa0ffd54f456883943a7adb6ba4d61db
SHA1: 2ae07a4e7eb7bd4460d118dcf7222e047d43f934
SHA256: e92c44e6e07f6ae49a14d681d61077dfb63ac5f581ed55147895d0b134666d68
SHA512: 48f9c088ad0b1e2a5db2f444e644d752f0ee133d20d68f84785c7a24c31adc45d68d85860ed6ac729565368cb1c0b41456a3228b5473a984eefb05c0dd7e5d32
SSDEEP: 24576:yf9OIcgur9DayzFL2VvaSDG0bZ+8Mw7Gz:yf9OIburlayzKvJ6SZ+8Tyz
Static task: static1
Behavioral task: behavioral1
Sample: fa0ffd54f456883943a7adb6ba4d61db_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: fa0ffd54f456883943a7adb6ba4d61db_JaffaCakes118.exe
Resource: win10v2004-20240910-en
Malware Config
Targets
Target
fa0ffd54f456883943a7adb6ba4d61db_JaffaCakes118
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.