Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
033aaa8455fd4b310dc7dc1c1297856d_JaffaCakes118
-
Size
17KB
-
Sample
240930-zqdebayele
-
MD5
033aaa8455fd4b310dc7dc1c1297856d
-
SHA1
0513f1c212d657f722f3f4149c69bcfc3d703ae8
-
SHA256
6523861c5ba4469e9cde8e6c1dcd3a32c949225ac20e9458becac2161f412ff6
-
SHA512
f296d0d344c85c82b92c440addd6b4712c7d7c1247def6e60f2a59aa26f272bcf8fb4edc93edb8703e88e584048d2f241138a67bbc870dafe6eb44cf88c82c37
-
SSDEEP
384:sFs0HzHfcmZO2Zp+Nye8pqrmub8TyztsDN:sC4HfoKK8o8TyJc
Static task
static1
Behavioral task
behavioral1
Sample
033aaa8455fd4b310dc7dc1c1297856d_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
033aaa8455fd4b310dc7dc1c1297856d_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
033aaa8455fd4b310dc7dc1c1297856d_JaffaCakes118
-
Size
17KB
-
MD5
033aaa8455fd4b310dc7dc1c1297856d
-
SHA1
0513f1c212d657f722f3f4149c69bcfc3d703ae8
-
SHA256
6523861c5ba4469e9cde8e6c1dcd3a32c949225ac20e9458becac2161f412ff6
-
SHA512
f296d0d344c85c82b92c440addd6b4712c7d7c1247def6e60f2a59aa26f272bcf8fb4edc93edb8703e88e584048d2f241138a67bbc870dafe6eb44cf88c82c37
-
SSDEEP
384:sFs0HzHfcmZO2Zp+Nye8pqrmub8TyztsDN:sC4HfoKK8o8TyJc
Score8/10-
Event Triggered Execution: Image File Execution Options Injection
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Image File Execution Options Injection
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Image File Execution Options Injection
1