General
Target: 38722f871aba1f7ca605804bcafc21da_JaffaCakes118
Size: 35KB
Sample: 241012-e8ls7ayanj
MD5: 38722f871aba1f7ca605804bcafc21da
SHA1: 7f27bf3999bbcb7e06c58e5935d206f62a219721
SHA256: 05f00d441ce0d850d14111ce67deb67c3c75cfa04fa50954373564bbb003ed36
SHA512: 31fffe1280ce7a684ce2b50a238cffbc860cac6fbdc4812b54584b81cf67c6b566f62e3688c461767c26f1d1bed0abd3887a09f08cea675548e260ab46568523
SSDEEP: 768:NqQoj/dSzNVQ1mDNJWbKEdBMQXQ3Cn4eQQYrcwxoZ:MQoj/YNJcAQY2
Static task: static1
Behavioral task: behavioral1
Sample: 38722f871aba1f7ca605804bcafc21da_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 38722f871aba1f7ca605804bcafc21da_JaffaCakes118.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
Protocol: ftp
Host: ftp.tripod.com
Port: 21
Username: griptoloji
Password: 741852
Targets
Target: 38722f871aba1f7ca605804bcafc21da_JaffaCakes118
Score: 10/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL