Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
0982f497a252dc1c7ce68667ccb8c239_JaffaCakes118
-
Size
25KB
-
Sample
241002-h5pbpaxelc
-
MD5
0982f497a252dc1c7ce68667ccb8c239
-
SHA1
365d5e6180f6afedf02763e3e9e6a82f86e79cec
-
SHA256
f28b8bcbffe40a4236a317a5ead1988b1fdec74df5f9fbb3725d7b88a1aaba8b
-
SHA512
2a9bf536e250744872111d6a026c779db4dee417a01cb552129f1ae77e92bdb8746e9b0735f8062d97818eaf29f85d2719c4f648d2140e8961094d09cb4b259f
-
SSDEEP
384:qxi2JktIDnFpccpEsAiaaB7hfO58vJrF1rJ5q9B/Jz9RYS1uHnldkeqvLNFv:R2JOIDnFp2MB7I25jrJA/x9PuHnKvL
Behavioral task
behavioral1
Sample
0982f497a252dc1c7ce68667ccb8c239_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
0982f497a252dc1c7ce68667ccb8c239_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
0982f497a252dc1c7ce68667ccb8c239_JaffaCakes118
-
Size
25KB
-
MD5
0982f497a252dc1c7ce68667ccb8c239
-
SHA1
365d5e6180f6afedf02763e3e9e6a82f86e79cec
-
SHA256
f28b8bcbffe40a4236a317a5ead1988b1fdec74df5f9fbb3725d7b88a1aaba8b
-
SHA512
2a9bf536e250744872111d6a026c779db4dee417a01cb552129f1ae77e92bdb8746e9b0735f8062d97818eaf29f85d2719c4f648d2140e8961094d09cb4b259f
-
SSDEEP
384:qxi2JktIDnFpccpEsAiaaB7hfO58vJrF1rJ5q9B/Jz9RYS1uHnldkeqvLNFv:R2JOIDnFp2MB7I25jrJA/x9PuHnKvL
Score7/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Drops file in System32 directory
-