Overview
overview: 7/10
static: 5/10
07b38e4400...18.exe (windows7-x64): 7/10
07b38e4400...18.exe (windows10-2004-x64): 7/10
$PLUGINSDIR/dawn.exe (windows7-x64): 5/10
$PLUGINSDIR/dawn.exe (windows10-2004-x64): 5/10
$PLUGINSDIR/inst.exe (windows7-x64): 1/10
$PLUGINSDIR/inst.exe (windows10-2004-x64): 6/10
$PLUGINSDI...ec.dll (windows7-x64): 3/10
$PLUGINSDI...ec.dll (windows10-2004-x64): 3/10
General
Target: 07b38e44001f4972d3a4bf2f552bc670_JaffaCakes118
Size: 428KB
Sample: 241001-2jb9satepp
MD5: 07b38e44001f4972d3a4bf2f552bc670
SHA1: dabb70223b608824edbe8e528fbe5b79db16e96f
SHA256: 23a8d5cbed2d324800423cea1de9357756ce372f22693ea8b482f43ea6c4ac37
SHA512: 541be40c3436cdf88ac007cdab6a551d5443862300a90dea00a0ebfe9fd7b7eb4f3980791cf16db29d33f525272f2f92f758af8474d6497d127d8060361161fa
SSDEEP: 6144:psaocyLCxcfyuO4+iX7nC+pQ8l1jYoVr+/mYOP3JkLXXKaJ7JQ87DbximefUgudM:ptobKr4jX7nCGQiZUqkr887DFincgum
Behavioral tasks
behavioral1: Sample 07b38e44001f4972d3a4bf2f552bc670_JaffaCakes118.exe, Resource win7-20240704-en
behavioral2: Sample 07b38e44001f4972d3a4bf2f552bc670_JaffaCakes118.exe, Resource win10v2004-20240802-en
behavioral3: Sample $PLUGINSDIR/dawn.exe, Resource win7-20240903-en
behavioral4: Sample $PLUGINSDIR/dawn.exe, Resource win10v2004-20240802-en
behavioral5: Sample $PLUGINSDIR/inst.exe, Resource win7-20240903-en
behavioral6: Sample $PLUGINSDIR/inst.exe, Resource win10v2004-20240802-en
behavioral7: Sample $PLUGINSDIR/nsExec.dll, Resource win7-20240903-en
behavioral8: Sample $PLUGINSDIR/nsExec.dll, Resource win10v2004-20240802-en
Malware Config
Targets
Target: 07b38e44001f4972d3a4bf2f552bc670_JaffaCakes118
Score: 7/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Drops desktop.ini file(s)
Target: $PLUGINSDIR/dawn.exe
Size: 212KB
MD5: 3fe8c2cfc48fbef8b2fc3d79769373b1
SHA1: 089c032591a2aceffefbdf29262f16d31aa7e696
SHA256: d0ac7f3c6f8fd818a6b5807b406a3bd80114cb8db5820a5e3b624eb12fbfd773
SHA512: f4e467d1f2826938d98c7701ff52672e67b0e3e29eab706161568c235c236777bca3959b61cd55e152621d56ea46bbbd7822586c123c289a23f2b1d01b9b5f00
SSDEEP: 3072:63abMwJeBzAmFih1bWiCgJZB+yWZvuFX6RWqOhV3loiHmHhyXcv3ktX:6QMbBsmw3bWiCgJ2GFXUWdV1lhVp
Target: $PLUGINSDIR/inst.exe
Size: 175KB
MD5: ecef08b48d655495922474ce5fdb0b3b
SHA1: 37db28981e315ba34fb72e5fabfb2c2ade2a7aea
SHA256: 1823f6ca026972810a09a61d2ca41aeda650c4bd7a7bbba010e08895eb949fac
SHA512: 65fd89715af68b36860194affa710812ed638ca826a269fc39500997ace3f4284c8bfbe08d7dd623490fc83896c155f0d5f0ae8a5f78b07ec7d3203e9a8fe371
SSDEEP: 3072:vkK063NEIpv3p3KV7boDwUfWluHK5U2kmZcD4oMzBmHf5QLktp4TQWtF:vlb3xJDwUfPHkU2tZcYyxQAvaRz
Score: 6/10
Drops desktop.ini file(s)
Target: $PLUGINSDIR/nsExec.dll
Size: 8KB
MD5: 249ae678f0dac4c625c6de6aca53823a
SHA1: 6ac2b9e90e8445fed4c45c5dbf2d0227cd3b5201
SHA256: 7298024a36310b7c4c112be87b61b62a0b1be493e2d5252a19e5e976daf674ce
SHA512: 66e4081a40f3191bf28b810cf8411cb3c8c3e3ec5943e18d6672414fb5e7b4364f862cba44c9115c599ac90890ef02a773e254e7c979e930946bc52b0693aad7
SSDEEP: 192:r/QeHNWSvUTfWdXw08LYKFaynLb3MRlbOVlR:7jBvwudT8LJxnnMRlyVlR
Score: 3/10