Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
3091345040789f001381782c5332ff95_JaffaCakes118
-
Size
606KB
-
Sample
241010-sss48axgkq
-
MD5
3091345040789f001381782c5332ff95
-
SHA1
39980487c86823efeb2b079c6a40bf2f33c88edd
-
SHA256
37722ebd458649670d3086a4d32bcbf66f33fc670ed1da04a4e187c240119d78
-
SHA512
a97b964ef904afe4b79bc6d963e2410ff832fdb642405be0d8cb6dfc6a2c1671f309e0ec2988cbd2a28a0f6a884644ac8302aa7a652b8d69ef8787c9a73325de
-
SSDEEP
12288:alzAKpxUbXUHqH6EU6/6IU6bbdyxdooMp:alDpxIXUKH6E9/6IU6bbdyxd7Mp
Static task
static1
Behavioral task
behavioral1
Sample
3091345040789f001381782c5332ff95_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
3091345040789f001381782c5332ff95_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp- Host:
smtp.top-semi.xyz - Port:
587 - Username:
[email protected] - Password:
saV#jXYoE9
Targets
-
-
Target
3091345040789f001381782c5332ff95_JaffaCakes118
-
Size
606KB
-
MD5
3091345040789f001381782c5332ff95
-
SHA1
39980487c86823efeb2b079c6a40bf2f33c88edd
-
SHA256
37722ebd458649670d3086a4d32bcbf66f33fc670ed1da04a4e187c240119d78
-
SHA512
a97b964ef904afe4b79bc6d963e2410ff832fdb642405be0d8cb6dfc6a2c1671f309e0ec2988cbd2a28a0f6a884644ac8302aa7a652b8d69ef8787c9a73325de
-
SSDEEP
12288:alzAKpxUbXUHqH6EU6/6IU6bbdyxdooMp:alDpxIXUKH6E9/6IU6bbdyxd7Mp
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-