Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
e32d431c7e28cf4392cabf071876c830_JaffaCakes118
-
Size
179KB
-
Sample
241211-zntnhssmhl
-
MD5
e32d431c7e28cf4392cabf071876c830
-
SHA1
5a7e765a22c1b17a367605629c0585a94f4d42c1
-
SHA256
09a79b2d84ce8c6c9ed98ae25dcbfdd8b69edaa2d07e1418a452b622399468de
-
SHA512
0068c9ba1f3ec2fa02401b2f309358a0a001a4019471f13b434a5ac04de2893c482ba911d44b6d73815f879c5d10c93ebad8f1dab94336a3f34a98f06356b382
-
SSDEEP
3072:Qvpp4K6gHfihdTAMqciIrCRSSINuE4uVmqfWVpkmvFbYdupGb3HSbtLnlr+6Z6nZ:yH46HfihdTAMsIrCvhE4uEqEvFbYdefX
Static task
static1
Behavioral task
behavioral1
Sample
e32d431c7e28cf4392cabf071876c830_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e32d431c7e28cf4392cabf071876c830_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
e32d431c7e28cf4392cabf071876c830_JaffaCakes118
-
Size
179KB
-
MD5
e32d431c7e28cf4392cabf071876c830
-
SHA1
5a7e765a22c1b17a367605629c0585a94f4d42c1
-
SHA256
09a79b2d84ce8c6c9ed98ae25dcbfdd8b69edaa2d07e1418a452b622399468de
-
SHA512
0068c9ba1f3ec2fa02401b2f309358a0a001a4019471f13b434a5ac04de2893c482ba911d44b6d73815f879c5d10c93ebad8f1dab94336a3f34a98f06356b382
-
SSDEEP
3072:Qvpp4K6gHfihdTAMqciIrCRSSINuE4uVmqfWVpkmvFbYdupGb3HSbtLnlr+6Z6nZ:yH46HfihdTAMsIrCvhE4uEqEvFbYdefX
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-