Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
d5eddf7321df60483dec4138d26e2118_JaffaCakes118
-
Size
170KB
-
Sample
241208-jd12vaskcn
-
MD5
d5eddf7321df60483dec4138d26e2118
-
SHA1
3955158ee5711e9ce9cecc5f7146ef931254018e
-
SHA256
2dbfb33c7983dabc2d94ca0018661a0ac22f3fb212e13fcdc144f6a933bc3761
-
SHA512
3739d17a9e026618c5af6e2bd6b703b9b16cf8b1ea6ebbba0210df102434984c2ac1bb990cc2ea740af9d64b39168a6a8cba790857577a3ace2a0c66b74e4c9c
-
SSDEEP
3072:D2d9X4953BCnv+nbPyx/gKeGv6QyqV9ERa9zPdolLPE0wazbIL6TR:DUI9tTbxK/v2qrV9zPOlLPE/Y
Static task
static1
Behavioral task
behavioral1
Sample
d5eddf7321df60483dec4138d26e2118_JaffaCakes118.exe
Resource
win7-20240729-en
Malware Config
Targets
-
-
Target
d5eddf7321df60483dec4138d26e2118_JaffaCakes118
-
Size
170KB
-
MD5
d5eddf7321df60483dec4138d26e2118
-
SHA1
3955158ee5711e9ce9cecc5f7146ef931254018e
-
SHA256
2dbfb33c7983dabc2d94ca0018661a0ac22f3fb212e13fcdc144f6a933bc3761
-
SHA512
3739d17a9e026618c5af6e2bd6b703b9b16cf8b1ea6ebbba0210df102434984c2ac1bb990cc2ea740af9d64b39168a6a8cba790857577a3ace2a0c66b74e4c9c
-
SSDEEP
3072:D2d9X4953BCnv+nbPyx/gKeGv6QyqV9ERa9zPdolLPE0wazbIL6TR:DUI9tTbxK/v2qrV9zPOlLPE/Y
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Adds Run key to start application
-