Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
fe196add855b16dc1b8e80729610a4e0_JaffaCakes118
-
Size
3.6MB
-
Sample
240929-jww6lsybka
-
MD5
fe196add855b16dc1b8e80729610a4e0
-
SHA1
f44efb48cda5958e5603b36d1a59709a847fc0e7
-
SHA256
1545645f6c5ecc9f14ee924de8ad3dea051e24a8fca9b34beedf958cae0c1b90
-
SHA512
78285eb98cefe794720d198509e4ccacfead6546dd0d70594bc137a41c99b6db2d8f5db1a5b674283396165b5fda7a970d34dff376dead59ba67c5e583e2075a
-
SSDEEP
98304:qGk6+Wzyy2Js1c8YlQvtGSpQVYQahXSj68h761:DtZz9msbEbvVY06CQ
Malware Config
Targets
-
-
Target
fe196add855b16dc1b8e80729610a4e0_JaffaCakes118
-
Size
3.6MB
-
MD5
fe196add855b16dc1b8e80729610a4e0
-
SHA1
f44efb48cda5958e5603b36d1a59709a847fc0e7
-
SHA256
1545645f6c5ecc9f14ee924de8ad3dea051e24a8fca9b34beedf958cae0c1b90
-
SHA512
78285eb98cefe794720d198509e4ccacfead6546dd0d70594bc137a41c99b6db2d8f5db1a5b674283396165b5fda7a970d34dff376dead59ba67c5e583e2075a
-
SSDEEP
98304:qGk6+Wzyy2Js1c8YlQvtGSpQVYQahXSj68h761:DtZz9msbEbvVY06CQ
Score9/10-
Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Enumerates processes with tasklist
-