Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2abc54b6e60ce6150710266937592b6c_JaffaCakes118
-
Size
200KB
-
Sample
241009-ezch6azgka
-
MD5
2abc54b6e60ce6150710266937592b6c
-
SHA1
c65d5fb77f4cad3ed30203bbf869f1d912bb203e
-
SHA256
0a28563e46f6a996870b3a452fc15959ca156ed11d39c8a5599dea17c005cdc2
-
SHA512
8de741ed6a95aa4c0cfffa762b40f73ab1856b394d5ff75957def51b5ff7a0e4a396c9d7b347cd1150fa10c8df6109caac71dbec1e1104cd943b03e8cebfd359
-
SSDEEP
6144:nFn9D7/p5/JpbqLGKTxRAYtUUMkRSJ91dL:x9D7/p5/JsisxRAJjaSb1h
Static task
static1
Behavioral task
behavioral1
Sample
2abc54b6e60ce6150710266937592b6c_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2abc54b6e60ce6150710266937592b6c_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
2abc54b6e60ce6150710266937592b6c_JaffaCakes118
-
Size
200KB
-
MD5
2abc54b6e60ce6150710266937592b6c
-
SHA1
c65d5fb77f4cad3ed30203bbf869f1d912bb203e
-
SHA256
0a28563e46f6a996870b3a452fc15959ca156ed11d39c8a5599dea17c005cdc2
-
SHA512
8de741ed6a95aa4c0cfffa762b40f73ab1856b394d5ff75957def51b5ff7a0e4a396c9d7b347cd1150fa10c8df6109caac71dbec1e1104cd943b03e8cebfd359
-
SSDEEP
6144:nFn9D7/p5/JpbqLGKTxRAYtUUMkRSJ91dL:x9D7/p5/JsisxRAJjaSb1h
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-