Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
db7241a0d65a834adc9701d1878d2653_JaffaCakes118
-
Size
158KB
-
Sample
241209-zgw53avrhp
-
MD5
db7241a0d65a834adc9701d1878d2653
-
SHA1
4510482471b4f1a69635fdddec525d4e907212c4
-
SHA256
4d49f015bd331bf7f5f75b80579179d6185ad9e44855d0db7e5113ff932a50ad
-
SHA512
c02d4d667292c2d0f6f8f6f149603d8dc5210a6a8460b1d30f472bb6f91af5cdad1a57364befd3a68460e69fb47ae0a3bc5e535e706cc94997f304e53402ba8f
-
SSDEEP
3072:+nOyU5aSxU9SCdHkW+5aTFl9GF8Y3QyxoPbV5Eq:EOyU5uSCWWSapl9Vu94H
Static task
static1
Behavioral task
behavioral1
Sample
db7241a0d65a834adc9701d1878d2653_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
db7241a0d65a834adc9701d1878d2653_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
db7241a0d65a834adc9701d1878d2653_JaffaCakes118
-
Size
158KB
-
MD5
db7241a0d65a834adc9701d1878d2653
-
SHA1
4510482471b4f1a69635fdddec525d4e907212c4
-
SHA256
4d49f015bd331bf7f5f75b80579179d6185ad9e44855d0db7e5113ff932a50ad
-
SHA512
c02d4d667292c2d0f6f8f6f149603d8dc5210a6a8460b1d30f472bb6f91af5cdad1a57364befd3a68460e69fb47ae0a3bc5e535e706cc94997f304e53402ba8f
-
SSDEEP
3072:+nOyU5aSxU9SCdHkW+5aTFl9GF8Y3QyxoPbV5Eq:EOyU5uSCWWSapl9Vu94H
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Adds Run key to start application
-