Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
d933b96bdbf6362c640d7c97fe9f213a_JaffaCakes118
-
Size
170KB
-
Sample
241209-mp1r1azjgm
-
MD5
d933b96bdbf6362c640d7c97fe9f213a
-
SHA1
727ba56215856493a986a3a0eb0c8b6d338dfed0
-
SHA256
493c11cff84d5664f7a8b80238bfc5e1d40c5c5a534fdcfe3f0f557eb9e1ddb7
-
SHA512
928d2e9d812e2756d0402841c25621d76933d88c218cdeb2d47352b4cd615831944865ed89ae28105f63681501d272aa165b2ec2fa136495ac4667738adfff54
-
SSDEEP
3072:TWTp7FGUqNppEwIXBMB/2Uj3WOrnI5Gg7VVhrY+flZNOR6Z4wk:TWTpZZqhETxMURceSu
Static task
static1
Behavioral task
behavioral1
Sample
d933b96bdbf6362c640d7c97fe9f213a_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d933b96bdbf6362c640d7c97fe9f213a_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
d933b96bdbf6362c640d7c97fe9f213a_JaffaCakes118
-
Size
170KB
-
MD5
d933b96bdbf6362c640d7c97fe9f213a
-
SHA1
727ba56215856493a986a3a0eb0c8b6d338dfed0
-
SHA256
493c11cff84d5664f7a8b80238bfc5e1d40c5c5a534fdcfe3f0f557eb9e1ddb7
-
SHA512
928d2e9d812e2756d0402841c25621d76933d88c218cdeb2d47352b4cd615831944865ed89ae28105f63681501d272aa165b2ec2fa136495ac4667738adfff54
-
SSDEEP
3072:TWTp7FGUqNppEwIXBMB/2Uj3WOrnI5Gg7VVhrY+flZNOR6Z4wk:TWTpZZqhETxMURceSu
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Adds Run key to start application
-