General
Target: 4bc47294a5d7f790900cedb1abba6688_JaffaCakes118
Size: 1.8MB
Sample: 241016-halmba1gqk
MD5: 4bc47294a5d7f790900cedb1abba6688
SHA1: 833ee01e0190a9e719d8ec4d67796bd36c4c413a
SHA256: 592b79997bcf90f34659af497ca305e2339422fbdde10988feaf4abc8edde321
SHA512: 3325f8e465c11371a486edc0a68a1a972f8faf6c33181a6f0d0b83e60dbe96f2a8ba95080ede8eaa82070e264a44a9804b1cfbee2bc66beb7fe9f6a1533908f8
SSDEEP: 49152:7sINvYk7Da5PSowkzsINvYk7Da5PSowk:JYaa5PvhYaa5Pv
Static task: static1
Behavioral task: behavioral1
Sample: 4bc47294a5d7f790900cedb1abba6688_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 4bc47294a5d7f790900cedb1abba6688_JaffaCakes118.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target
4bc47294a5d7f790900cedb1abba6688_JaffaCakes118
Score: 9/10
Renames multiple (439) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
Drops file in Drivers directory
Drops startup file
Drops file in System32 directory
Sets desktop wallpaper using registry