General
-
Target
fa511363b33d74eab25972edb09aff8e_JaffaCakes118
-
Size
190KB
-
Sample
240927-ngfmjasepc
-
MD5
fa511363b33d74eab25972edb09aff8e
-
SHA1
9aadfa582aaee05841b41b21250aa69fc6676245
-
SHA256
dfdfa24ee699453d95c118836abe5a7308385ac69fccfd2921063a1860eabdd2
-
SHA512
7fa5f1ba02e2345a63f5d1edca0ada53db6ba5629db63f8c805ea8b7a14c00ef83682927d75c4d6dc1f31e6717f8a2da4db81d6d99b0f2466b1521d7322fa523
-
SSDEEP
3072:okAA1nrt3kO3yyN1bNLSGd+ZP8y2BMKB9Keoz30ZO:ok5rWihN1bNLSG8j2BMKBZojn
Static task
static1
Behavioral task
behavioral1
Sample
fa511363b33d74eab25972edb09aff8e_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
fa511363b33d74eab25972edb09aff8e_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
pony
http://213.155.112.91:8080/forum/viewtopic.php
http://213.155.112.92:8080/forum/viewtopic.php
-
payload_url
http://phsycopad.padmanaba.or.id/HqsMXtZz.exe
http://krivic.com/5tZ5U.exe
http://alwaysbuyincolorado.com/YcESqPEg.exe
Targets
Target
fa511363b33d74eab25972edb09aff8e_JaffaCakes118
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-