Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
0b15d98a371adb04e50e4c8f3b260808_JaffaCakes118
-
Size
34KB
-
Sample
241002-rmnf4s1akn
-
MD5
0b15d98a371adb04e50e4c8f3b260808
-
SHA1
04125f8c16b7b4907c92a5986df6604525ac1d5c
-
SHA256
ad0b17e7d9c8f6d00ed02e3ce2825cdf3841482ac02f8a9d1b531e5f4f2a69b6
-
SHA512
72c9d3abb89a8e6de1ac6ec5b45e69d0f78cd42fcc2c7174f64ca426df073dd739f4d2efdaaf8f7ef2d3170194f0003eee16f42b8b4a0c436a16b51ed4fca643
-
SSDEEP
768:mzQYScGrIubHuYtvdxwYHw5FAe2QJncwxQ:gQTIubHy5wQJc
Static task
static1
Behavioral task
behavioral1
Sample
0b15d98a371adb04e50e4c8f3b260808_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0b15d98a371adb04e50e4c8f3b260808_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
Protocol: ftp- Host:
ftp.tripod.com - Port:
21 - Username:
onthelinux - Password:
741852abc
Targets
-
-
Target
0b15d98a371adb04e50e4c8f3b260808_JaffaCakes118
-
Size
34KB
-
MD5
0b15d98a371adb04e50e4c8f3b260808
-
SHA1
04125f8c16b7b4907c92a5986df6604525ac1d5c
-
SHA256
ad0b17e7d9c8f6d00ed02e3ce2825cdf3841482ac02f8a9d1b531e5f4f2a69b6
-
SHA512
72c9d3abb89a8e6de1ac6ec5b45e69d0f78cd42fcc2c7174f64ca426df073dd739f4d2efdaaf8f7ef2d3170194f0003eee16f42b8b4a0c436a16b51ed4fca643
-
SSDEEP
768:mzQYScGrIubHuYtvdxwYHw5FAe2QJncwxQ:gQTIubHy5wQJc
Score10/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-