General
-
Target
fc1006824cb66d17c68f1ffa53b37c4b_JaffaCakes118
-
Size
3KB
-
Sample
240928-l41vwazdpp
-
MD5
fc1006824cb66d17c68f1ffa53b37c4b
-
SHA1
c54b745011bccb3d068ba74a4e543cb2de1043a4
-
SHA256
95ca946aef501e5114c26cb6ef895dbc29761b4f7d6bbccc22e4bfbde1be6759
-
SHA512
1d14c5b3058c994cf542807a4341510453fda81ea9a67cfc5038b2f8fc5e80fca3271c44a9c937d2366a140e197ec605bf280a18278cae6886fa939fb28053c0
Static task
static1
Behavioral task
behavioral1
Sample
fc1006824cb66d17c68f1ffa53b37c4b_JaffaCakes118.lnk
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
fc1006824cb66d17c68f1ffa53b37c4b_JaffaCakes118.lnk
Resource
win10v2004-20240802-en
Malware Config
Extracted
https://drive.google.com/uc?export=download&id=0B3AM8u080I_Pb2I2dXdkaUxHWm8
Targets
-
-
Target
fc1006824cb66d17c68f1ffa53b37c4b_JaffaCakes118
Score
10/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Hide Artifacts: Hidden Window
Windows that would typically be displayed when an application carries out an operation can be hidden.
-
Legitimate hosting services abused for malware hosting/C2
-
Obfuscated Files or Information: Command Obfuscation
Adversaries may obfuscate content during command execution to impede detection.
-