General
-
Target
15c874c0f92c845193085ef131f71350_JaffaCakes118
-
Size
48KB
-
Sample
241005-cs5v1szdpp
-
MD5
15c874c0f92c845193085ef131f71350
-
SHA1
a7d58c5c52250c63e9a36bcd219c6b7f59eb5cd5
-
SHA256
09afceb9b2008c2fdb38c8d15f8673e73a6b3ab0099774de00b3fe5eb4a18436
-
SHA512
d306f26158c8d7b607266fa18e68b8577baefcb445c7337cbe87b2a9ea29a42b300028ed666d4755be5fe78abfa179002c62ece917c4602f189eef29c08e11b6
-
SSDEEP
768:jYEJbd6heGI5eubtgTVH7NHaurxmWXOQfwoObuPb77e0:jYE9J5pbml5lXAoO+H79
Static task
static1
Behavioral task
behavioral1
Sample
15c874c0f92c845193085ef131f71350_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
15c874c0f92c845193085ef131f71350_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
15c874c0f92c845193085ef131f71350_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
Defense Evasion
  Hide Artifacts: 1
    Hidden Files and Directories: 1
  Modify Registry: 2