General
Target: 109da14f7ea14aca656fc404bd7e0d5c_JaffaCakes118
Size: 119KB
Sample: 241003-1mkjwsyarl
MD5: 109da14f7ea14aca656fc404bd7e0d5c
SHA1: 05135c035e406fd59d21eee22f0781eddb34dac4
SHA256: f31e9010f4c0ef6f58ab6a89931d03628d9fe1c896c7446b3db7a51fe085cfa1
SHA512: f77aa7a8e62a694ea063cd0a6c1b30670397d80e2e98c81df4cd165537301db7670efe1cc2f17db75304a37c8ba616680e967fcde90e0d075307746ba908967a
SSDEEP: 3072:6zdYe6SkN2NsZQXw6QiLs3m1EplhRgKJFL:CySkNCsZvZm6plDL
Static task: static1
Behavioral task: behavioral1
Sample: 109da14f7ea14aca656fc404bd7e0d5c_JaffaCakes118.exe
Resource: win7-20240903-en
Malware Config
Targets
Target: 109da14f7ea14aca656fc404bd7e0d5c_JaffaCakes118
Detected Nirsoft tools: Free utilities often used by attackers which can steal passwords, product keys, etc.
Checks computer location settings: Looks up the country code configured in the registry, likely for geofencing.
Executes dropped EXE
Loads dropped DLL