Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
0a29576812fca3594c12890e023691af_JaffaCakes118
-
Size
236KB
-
Sample
241002-l9s28avbrh
-
MD5
0a29576812fca3594c12890e023691af
-
SHA1
8f3056b87d29bdb9a6b74bd730e0bfef1a5e987a
-
SHA256
e0d9d179a89514ac59fc65f8b2ec892765dda435d2517367f440a5be4114d06e
-
SHA512
1003553d92416a500232265ceaa512099b6753ded364ce79552972b2f22c465c3d4168266b8ec9fb47cbc09f1474d0eb1a63feb2e149995a672761db32e0e568
-
SSDEEP
3072:sp9ELQ7N5KCa6QQLAK2hcPRwWL12O71Z8ju6mZFxgRW6gBA:KBMQL3t2G1Z8jubnxgRL
Static task
static1
Behavioral task
behavioral1
Sample
0a29576812fca3594c12890e023691af_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
0a29576812fca3594c12890e023691af_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
0a29576812fca3594c12890e023691af_JaffaCakes118
-
Size
236KB
-
MD5
0a29576812fca3594c12890e023691af
-
SHA1
8f3056b87d29bdb9a6b74bd730e0bfef1a5e987a
-
SHA256
e0d9d179a89514ac59fc65f8b2ec892765dda435d2517367f440a5be4114d06e
-
SHA512
1003553d92416a500232265ceaa512099b6753ded364ce79552972b2f22c465c3d4168266b8ec9fb47cbc09f1474d0eb1a63feb2e149995a672761db32e0e568
-
SSDEEP
3072:sp9ELQ7N5KCa6QQLAK2hcPRwWL12O71Z8ju6mZFxgRW6gBA:KBMQL3t2G1Z8jubnxgRL
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2