Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
c93103ec961eb6dd2366d47e999b48c6_JaffaCakes118
-
Size
170KB
-
Sample
241205-yp5lqsyrh1
-
MD5
c93103ec961eb6dd2366d47e999b48c6
-
SHA1
482209e30098bc8c6528e34d985aec3ae11fd60e
-
SHA256
171a0c90fb780b65688a1c7c185524c241b15983e7b5a64d8c6de5480d24a598
-
SHA512
9942d7f4abb6031e5c08b1901826cb1e1098ea556529d042bcc17125b8411e01fb368859e4b8404db0e298fb249b49b43bc081cc5b18c602aa153be7547e2913
-
SSDEEP
3072:D2d9X4953BCnv+nbPyx/gKeGv6QyqV9ERa9zPdolLPE0wazbIL6TR:DUI9tTbxK/v2qrV9zPOlLPE/Y
Static task
static1
Behavioral task
behavioral1
Sample
c93103ec961eb6dd2366d47e999b48c6_JaffaCakes118.exe
Resource
win7-20241023-en
Malware Config
Targets
-
-
Target
c93103ec961eb6dd2366d47e999b48c6_JaffaCakes118
-
Size
170KB
-
MD5
c93103ec961eb6dd2366d47e999b48c6
-
SHA1
482209e30098bc8c6528e34d985aec3ae11fd60e
-
SHA256
171a0c90fb780b65688a1c7c185524c241b15983e7b5a64d8c6de5480d24a598
-
SHA512
9942d7f4abb6031e5c08b1901826cb1e1098ea556529d042bcc17125b8411e01fb368859e4b8404db0e298fb249b49b43bc081cc5b18c602aa153be7547e2913
-
SSDEEP
3072:D2d9X4953BCnv+nbPyx/gKeGv6QyqV9ERa9zPdolLPE0wazbIL6TR:DUI9tTbxK/v2qrV9zPOlLPE/Y
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Adds Run key to start application
-