General
-
Target
0d9ddb184039ff999e81ef7b60ab58f8_JaffaCakes118
-
Size
5.0MB
-
Sample
241003-dl6dmsvfrc
-
MD5
0d9ddb184039ff999e81ef7b60ab58f8
-
SHA1
8a37520bff1d9835af624a2c8fd3394a2d1777c1
-
SHA256
abd15b81597018a7c433492d496317942e07935f249da14b9bfc95a813df3585
-
SHA512
9f9e7e73c3ed0323b602e8113f9a1e9430eaf732e70c0f7ce998998f56a96ceb742731743fef43d41be1e6700fa4ce4c4f2d21154b1aa5d1ede300aee623febe
-
SSDEEP
98304:qRgk0xOXhMUjwbRDXoI7GuS9/bYVZ0FX8Ipaky:ag98dcbRDXoI7TS9/W2xL
Static task
static1
Behavioral task
behavioral1
Sample
0d9ddb184039ff999e81ef7b60ab58f8_JaffaCakes118.exe
Resource
win7-20240729-en
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-