General
-
Target
d495d46aa94ff0b1c5e7e66657b01443_JaffaCakes118
-
Size
179KB
-
Sample
241208-bt375svldw
-
MD5
d495d46aa94ff0b1c5e7e66657b01443
-
SHA1
e10b138de70cec132b76dd3a006352dd787032f6
-
SHA256
38447fdcdc09d089f3c93c1424772481bafd0f4813248b25bee55b697986b59b
-
SHA512
f2928ba2d9d5cd0b1ccba152b7680498785d21787b3879d5aa6ef4ecd82902dd737059ed085c4b966002d3def2ce8f0c83bc4ec33118e5b555d9fed2a1dc8756
-
SSDEEP
3072:6OLxXPp90s5a6nxOQT/JEFiqhvFEF+jkluESbwiwFwgw4rv:tJTg6nxjTKFXw+WkwiwFwgw4b
Static task
static1
Behavioral task
behavioral1
Sample
d495d46aa94ff0b1c5e7e66657b01443_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d495d46aa94ff0b1c5e7e66657b01443_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
pony
http://174.140.167.107/forum/viewtopic.php
http://50.116.10.16/forum/viewtopic.php
-
payload_url
http://christnationministries.org/7esm585L/n2FUnu.exe
http://lepeltorg.by/DSatJhLS/BhD.exe
http://colourscan63.com/FhZz9A1t/6qn.exe
Targets
-
Pony family
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-