General
-
Target
0ba9505fc13728dce315ef1265b29b93_JaffaCakes118
-
Size
511KB
-
Sample
241002-vev3rs1ala
-
MD5
0ba9505fc13728dce315ef1265b29b93
-
SHA1
b656afde584983f91edc0cb1a712b6c04cff428f
-
SHA256
c77302f3f6a60cbf03057102487a43fd394fdbae6d5fa82a904439feade7b6e4
-
SHA512
5e8b485096b1e209c8aac7922577aecce88677305d4547f72245602954b5956fc3a4beb09fbf55f19d5819956cee78caf7c99556586208e35c7f47625b5dbd7b
-
SSDEEP
12288:jma3hihwWTGNtGnh8kG6xfQtWrBhVc19lfknS5REv78rX:jmkZWTqkG6fQWWtkn4RE47
Static task
static1
Behavioral task
behavioral1
Sample
0ba9505fc13728dce315ef1265b29b93_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Targets
-
Target
0ba9505fc13728dce315ef1265b29b93_JaffaCakes118
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry: 1
Subvert Trust Controls: 1
Install Root Certificate: 1
Virtualization/Sandbox Evasion: 1