Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
1243606b8fd6fd0c8f953fcb63f0f732_JaffaCakes118
-
Size
232KB
-
Sample
241004-hh37bszcqq
-
MD5
1243606b8fd6fd0c8f953fcb63f0f732
-
SHA1
35a45fb60801022c50515e5d0ee11ba5fd292f4f
-
SHA256
089d7ce9b5c1ed4f128a58f0b396c1bab60e60cddc232fbddc0535591fdc9bf1
-
SHA512
90d222df818802216d2e16a25e439c28777b1fbb33fd1011527c4f11d002567ada5b4fc0b94ae3dd47608149db2cd74ae1b0ae5a89c2501576d8b5d740fd56f7
-
SSDEEP
6144:Qh3PFKs7diixRSFBfWEqxF6snji81RUinK51jbkxkubS/:yPhJuBXVbkxJbC
Static task
static1
Behavioral task
behavioral1
Sample
1243606b8fd6fd0c8f953fcb63f0f732_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
1243606b8fd6fd0c8f953fcb63f0f732_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
1243606b8fd6fd0c8f953fcb63f0f732_JaffaCakes118
-
Size
232KB
-
MD5
1243606b8fd6fd0c8f953fcb63f0f732
-
SHA1
35a45fb60801022c50515e5d0ee11ba5fd292f4f
-
SHA256
089d7ce9b5c1ed4f128a58f0b396c1bab60e60cddc232fbddc0535591fdc9bf1
-
SHA512
90d222df818802216d2e16a25e439c28777b1fbb33fd1011527c4f11d002567ada5b4fc0b94ae3dd47608149db2cd74ae1b0ae5a89c2501576d8b5d740fd56f7
-
SSDEEP
6144:Qh3PFKs7diixRSFBfWEqxF6snji81RUinK51jbkxkubS/:yPhJuBXVbkxJbC
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2