Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
0f48ee11f8ad24456b28c36328990d29_JaffaCakes118
-
Size
42KB
-
Sample
241003-se9j2s1fpq
-
MD5
0f48ee11f8ad24456b28c36328990d29
-
SHA1
b6f0acf24bd786d6980c7b51b4467ab4ab05fad2
-
SHA256
f4ad9c256f6eb3a2b7631bfa3d8e7490f29e6953447fc43556a9988a94b39b51
-
SHA512
2c362f22b02ff4ba5afcd00e4f2e7ef8464debb0c49b7ff35940261f27714152812dd8f36a55c4815accf7279db1c3f33ca111cf83e08a4936d7029f3f62844f
-
SSDEEP
768:ASACC8hWynMk44XiXNMSq5WXzYto1rPc5X1MwdQWf+cdP+8Y/8wf:ASAKO4SXNJftrtwdlf+Kwf
Static task
static1
Behavioral task
behavioral1
Sample
0f48ee11f8ad24456b28c36328990d29_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
0f48ee11f8ad24456b28c36328990d29_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
0f48ee11f8ad24456b28c36328990d29_JaffaCakes118
-
Size
42KB
-
MD5
0f48ee11f8ad24456b28c36328990d29
-
SHA1
b6f0acf24bd786d6980c7b51b4467ab4ab05fad2
-
SHA256
f4ad9c256f6eb3a2b7631bfa3d8e7490f29e6953447fc43556a9988a94b39b51
-
SHA512
2c362f22b02ff4ba5afcd00e4f2e7ef8464debb0c49b7ff35940261f27714152812dd8f36a55c4815accf7279db1c3f33ca111cf83e08a4936d7029f3f62844f
-
SSDEEP
768:ASACC8hWynMk44XiXNMSq5WXzYto1rPc5X1MwdQWf+cdP+8Y/8wf:ASAKO4SXNJftrtwdlf+Kwf
Score10/10-
Modifies WinLogon for persistence
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Modifies WinLogon
-
Suspicious use of SetThreadContext
-