Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
12d4f2dec4708704b5ad7be8248c1979_JaffaCakes118
-
Size
88KB
-
Sample
241004-lr8pys1gjh
-
MD5
12d4f2dec4708704b5ad7be8248c1979
-
SHA1
8082b42528d23beeb2e790ab596798277846a591
-
SHA256
b48d1021edc17f7fdfd72992a5b85b70d57809b7e04796eb25771512568289aa
-
SHA512
b1cba94dcb440d143e3893ae8f0274396b177d287f42c26ef9e9cd2a19b6fe7ab45a0d34dc7e120433cc4fad5dafa5413a30d675ee1b4942a0e2b401eb22980d
-
SSDEEP
1536:M7+Hc3LwIQ/JDHKa5EJWceYljNZQ1vdmNmS/:u+8bwI8DHKu8lzOvdN
Static task
static1
Behavioral task
behavioral1
Sample
12d4f2dec4708704b5ad7be8248c1979_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
12d4f2dec4708704b5ad7be8248c1979_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
12d4f2dec4708704b5ad7be8248c1979_JaffaCakes118
-
Size
88KB
-
MD5
12d4f2dec4708704b5ad7be8248c1979
-
SHA1
8082b42528d23beeb2e790ab596798277846a591
-
SHA256
b48d1021edc17f7fdfd72992a5b85b70d57809b7e04796eb25771512568289aa
-
SHA512
b1cba94dcb440d143e3893ae8f0274396b177d287f42c26ef9e9cd2a19b6fe7ab45a0d34dc7e120433cc4fad5dafa5413a30d675ee1b4942a0e2b401eb22980d
-
SSDEEP
1536:M7+Hc3LwIQ/JDHKa5EJWceYljNZQ1vdmNmS/:u+8bwI8DHKu8lzOvdN
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2