General

Target: 13e42b0bcd4ec6702d2ff4ce5f5b1ccd_JaffaCakes118
Size: 198KB
Sample: 241004-srdm5svhnd
MD5: 13e42b0bcd4ec6702d2ff4ce5f5b1ccd
SHA1: cdbb772997cd8f79b889ad790b1a3e326ae69b1b
SHA256: 82029f82fde8b78c4b0313a58d89c32a078fc18f565cc4ebc4b0ab30d340b675
SHA512: e773fcc81d6a547f9910c107a47e6edeedfa5666397a26e2ca0f9a25b471ab247e8545d44949ab87263d5a30fd2c707af0fd8fa33f3b041529a73f10a2ecd949
SSDEEP: 3072:fBivIGKtx6KXqK5hLkYX9aZCwFNEFQCqqXsUNq4WXeY6+vvDDRrs+eq:UIGK/EKLnuCwzFUNqhOYzt

Static task: static1

Behavioral task: behavioral1
Sample: 13e42b0bcd4ec6702d2ff4ce5f5b1ccd_JaffaCakes118.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: 13e42b0bcd4ec6702d2ff4ce5f5b1ccd_JaffaCakes118.exe
Resource: win10v2004-20240802-en

Malware Config
Targets

Target: 13e42b0bcd4ec6702d2ff4ce5f5b1ccd_JaffaCakes118
Score: 7/10

Deletes itself

Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

Executes dropped EXE

Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.

Drops desktop.ini file(s)

Suspicious use of SetThreadContext