General
Target: JaffaCakes118_bf9fc4d9b8d9461e59169444664ce1c6
Size: 170KB
Sample: 250208-gd82cayld1
MD5: bf9fc4d9b8d9461e59169444664ce1c6
SHA1: c5853e8e7e8f8f6990ff69879120d8d15e557f0d
SHA256: 13ea24659f5571b5097bcf2fa07464a18dde7e9e2746a6c3139179a8c8d4b084
SHA512: 9bbf9811bf1cf9eef1a91eeb0127864a9939c9e183d701c95b993a3db80aa0e703087ba2b9ce5f139990c6d7a90fc02941fbd215340e1225a8f9214d2a9007c8
SSDEEP: 1536:JxqjQ+P04wsmJC2Vloa2rYsbDvZO/U+SeOw6nXD1GYv+8VLpsGS1GYv+8VLpsGD:sr85CF5vZOM+SexGvRLGtvRLGu
Behavioral task: behavioral1
Sample: JaffaCakes118_bf9fc4d9b8d9461e59169444664ce1c6.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: JaffaCakes118_bf9fc4d9b8d9461e59169444664ce1c6.exe
Resource: win10v2004-20250207-en
Malware Config
Targets
Target: JaffaCakes118_bf9fc4d9b8d9461e59169444664ce1c6
Score: 10/10
- Detect Neshta payload
- Neshta: Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
- Neshta family
- Downloads MZ/PE file
- Checks computer location settings: Looks up the country code configured in the registry, likely for geofencing.
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
MITRE ATT&CK Enterprise v15
Credential Access
- Credentials from Password Stores: 1
- Credentials from Web Browsers: 1
- Unsecured Credentials: 1
- Credentials In Files: 1