General
-
Target
fa6ceab0262055609beab19609de8482_JaffaCakes118
-
Size
1.1MB
-
Sample
240927-pxekvashlj
-
MD5
fa6ceab0262055609beab19609de8482
-
SHA1
d19410d2489d313864dce3c327865c8193ee5ecf
-
SHA256
6017c9c427da769de7dedf91d1250c2a32a34b71a4e1fe3389362c1b9f782722
-
SHA512
c1e08fbfefd28d3b8d3a5faaca79c0f7b0ec7df5f74e71ecf25f83c24baa159e7dcbd40f32f8d8786f9db97ebc783dbbfffebf8bb1e12999ac430bec20ee2803
-
SSDEEP
12288:FSjzwRzH1RighUFZzHtC9FDY8c8H+Lm/yjxeiSOHTApwn2fTrNsef1JOXHXTSeD9:geVRrhMxY9FDY8cLa/OerzTrNtSjS
Behavioral task
behavioral1
Sample
fa6ceab0262055609beab19609de8482_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
fa6ceab0262055609beab19609de8482_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
fa6ceab0262055609beab19609de8482_JaffaCakes118
Score
10/10
-
Modifies WinLogon for persistence
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-