Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
d4d2ed9af22b504d28a3c71ba44fb931_JaffaCakes118
-
Size
164KB
-
Sample
241208-c14mxssrfp
-
MD5
d4d2ed9af22b504d28a3c71ba44fb931
-
SHA1
785efcd0d606fa798b991bd9cb3cf945e7193a53
-
SHA256
a20a0fa81c86275ebbb5aa0d465adc297391172e034ba4c3a9f73b5e34fe0922
-
SHA512
4d9d82edf3faaf296955fc01717225223f7f10abd9c2566aba2d4e2bcf437548488086019400520ae7d697f7840237f147dd26274e44ffa2bf53176565306e55
-
SSDEEP
3072:Y1wgtKwbbsgG6ZpBcxoOevxh2mo/uJ3bWhj6f0:Y1HQo9pZfmJuJ3q
Static task
static1
Behavioral task
behavioral1
Sample
d4d2ed9af22b504d28a3c71ba44fb931_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
d4d2ed9af22b504d28a3c71ba44fb931_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
d4d2ed9af22b504d28a3c71ba44fb931_JaffaCakes118
-
Size
164KB
-
MD5
d4d2ed9af22b504d28a3c71ba44fb931
-
SHA1
785efcd0d606fa798b991bd9cb3cf945e7193a53
-
SHA256
a20a0fa81c86275ebbb5aa0d465adc297391172e034ba4c3a9f73b5e34fe0922
-
SHA512
4d9d82edf3faaf296955fc01717225223f7f10abd9c2566aba2d4e2bcf437548488086019400520ae7d697f7840237f147dd26274e44ffa2bf53176565306e55
-
SSDEEP
3072:Y1wgtKwbbsgG6ZpBcxoOevxh2mo/uJ3bWhj6f0:Y1HQo9pZfmJuJ3q
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Adds Run key to start application
-