Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
f00774a9eb0843d6661183fff0b1e036_JaffaCakes118
-
Size
12KB
-
Sample
241214-wp954szme1
-
MD5
f00774a9eb0843d6661183fff0b1e036
-
SHA1
02bbff2a919a856488c83db3f302ad52f4a3cef7
-
SHA256
36e27fc3d476b9e94813b20e50d6fd88694bf0e4ad4372cec351481e668e1754
-
SHA512
35d8f208764359ddc780a9a3d16368871822cdd58105b0d733dc787f45ea833f1dc7b40bd6a65f7e9be209de5b35603dca72a963362e681e2a24186316b12b28
-
SSDEEP
192:m/TrG62a6B10k3g4fXk1iTV3HGc7EkpAqEjvu2q9C/YpXnAITZfPtRMLzo+xPmfX:mebFNw4Pk1itKkpAjjI2YpdmLzefEda
Malware Config
Targets
-
-
Target
f00774a9eb0843d6661183fff0b1e036_JaffaCakes118
-
Size
12KB
-
MD5
f00774a9eb0843d6661183fff0b1e036
-
SHA1
02bbff2a919a856488c83db3f302ad52f4a3cef7
-
SHA256
36e27fc3d476b9e94813b20e50d6fd88694bf0e4ad4372cec351481e668e1754
-
SHA512
35d8f208764359ddc780a9a3d16368871822cdd58105b0d733dc787f45ea833f1dc7b40bd6a65f7e9be209de5b35603dca72a963362e681e2a24186316b12b28
-
SSDEEP
192:m/TrG62a6B10k3g4fXk1iTV3HGc7EkpAqEjvu2q9C/YpXnAITZfPtRMLzo+xPmfX:mebFNw4Pk1itKkpAjjI2YpdmLzefEda
Score9/10-
Renames multiple (2503) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops file in Drivers directory
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Drops file in System32 directory
-