General
Target: fae3aabe1035e7c6415c0259faf9b9c8_JaffaCakes118
Size: 132KB
Sample: 240927-znnghayfrp
MD5: fae3aabe1035e7c6415c0259faf9b9c8
SHA1: b4c630728d027fe7af42a48cad2d5a11b466249d
SHA256: bd6475855be784011b269ba09e990d9aae8f0e5b0caf32cea7ae2877e561b2c5
SHA512: 2f81f52a89cdb62b66c95452407eb6db9ce432d726e873e5916648ae7487ee9e088583bb6563efc45f626db11351199593fd29aa52ca38148e87858d8aebce85
SSDEEP: 3072:bevHyJ4S1bAt2YoxspMQUDuaIS+icqyzrPW4b:bDJ1bFfsMn+pzr+o
Static task: static1
Behavioral task: behavioral1
Sample: fae3aabe1035e7c6415c0259faf9b9c8_JaffaCakes118.exe
Resource: win7-20240903-en
Malware Config
Extracted
pony
http://dare2dreamz.com:8080/pony/gate.php
http://cityweddingguide.com:8080/pony/gate.php
-
payload_url
http://expresszmedia.hu/0evunCU7/RUAFT1J.exe
http://www.teronhieronta.net/f4TQk601/pHhR.exe
http://lozenitzawineanddine.net/MmWXchKV/yeTHapJ.exe
Targets
Target: fae3aabe1035e7c6415c0259faf9b9c8_JaffaCakes118
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.