Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
0fa39020e0e3f7dede81755b314758ce_JaffaCakes118
-
Size
220KB
-
Sample
241003-t2pzlaydqh
-
MD5
0fa39020e0e3f7dede81755b314758ce
-
SHA1
812e2fde134def02cf24c33ccdf7988f0663636c
-
SHA256
770be449a967832ba3390e6bf640538ce7aed1ef63f8d05ee460bd84932272ad
-
SHA512
d4736e0fbcba5878f2e9102f3d971b4dd70bfafeb3dd103b42fa92ffec0a055a1975dff2f16d78f42a11efcf89c3806c24204ee09322d60899685bb4a2aa6514
-
SSDEEP
3072:vejL4hbSxmqvsxv5gVzaSCzhIJFRxdJWtD5qK23L:U4hbSxm+wgzXnxtK2b
Static task
static1
Behavioral task
behavioral1
Sample
0fa39020e0e3f7dede81755b314758ce_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0fa39020e0e3f7dede81755b314758ce_JaffaCakes118.exe
Resource
win10v2004-20240910-en
Malware Config
Targets
-
-
Target
0fa39020e0e3f7dede81755b314758ce_JaffaCakes118
-
Size
220KB
-
MD5
0fa39020e0e3f7dede81755b314758ce
-
SHA1
812e2fde134def02cf24c33ccdf7988f0663636c
-
SHA256
770be449a967832ba3390e6bf640538ce7aed1ef63f8d05ee460bd84932272ad
-
SHA512
d4736e0fbcba5878f2e9102f3d971b4dd70bfafeb3dd103b42fa92ffec0a055a1975dff2f16d78f42a11efcf89c3806c24204ee09322d60899685bb4a2aa6514
-
SSDEEP
3072:vejL4hbSxmqvsxv5gVzaSCzhIJFRxdJWtD5qK23L:U4hbSxm+wgzXnxtK2b
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2