Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

2a6f35bc16...18.vbs

windows7-x64

1

2a6f35bc16...18.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29/03/2024, 19:13 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2a6f35bc16dc4ef2b8a2ccc4f2881f46_JaffaCakes118.vbs

  • Size

    295KB

  • MD5

    2a6f35bc16dc4ef2b8a2ccc4f2881f46

  • SHA1

    9a8fa18a321872c0f1a0e1765f69a99dd8f45fec

  • SHA256

    a3c88a3fd571d8fa2179fe8f1fa9c01a87a304e2ae785c02087c495bd8ee6ccd

  • SHA512

    4dc7a2e88cc085f34b9c60c0c84d09f67ce623016aff39a33c895549f7eef0b536419ac1ebf58625bad462dca588c5f3007245d4978a60161bdabea906d45e13

  • SSDEEP

    192:fnnnknnknknnknnknnknknknknknknknknknMnknknnknnknnnknknnknknknknJ:+

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\System32\WScript.exe
    "C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\2a6f35bc16dc4ef2b8a2ccc4f2881f46_JaffaCakes118.vbs"
    1⤵
      PID:3456

    Network

    • flag-us
      DNS
      58.55.71.13.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      58.55.71.13.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      73.31.126.40.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      73.31.126.40.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      41.134.221.88.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      41.134.221.88.in-addr.arpa
      IN PTR
      Response
      41.134.221.88.in-addr.arpa
      IN PTR
      a88-221-134-41deploystaticakamaitechnologiescom
    • flag-us
      DNS
      241.150.49.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      241.150.49.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      103.169.127.40.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      103.169.127.40.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      206.23.85.13.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      206.23.85.13.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      217.135.221.88.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      217.135.221.88.in-addr.arpa
      IN PTR
      Response
      217.135.221.88.in-addr.arpa
      IN PTR
      a88-221-135-217deploystaticakamaitechnologiescom
    • flag-us
      DNS
      218.135.221.88.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      218.135.221.88.in-addr.arpa
      IN PTR
      Response
      218.135.221.88.in-addr.arpa
      IN PTR
      a88-221-135-218deploystaticakamaitechnologiescom
    • flag-us
      DNS
      66.134.221.88.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      66.134.221.88.in-addr.arpa
      IN PTR
      Response
      66.134.221.88.in-addr.arpa
      IN PTR
      a88-221-134-66deploystaticakamaitechnologiescom
    No results found
    • 8.8.8.8:53
      58.55.71.13.in-addr.arpa
      dns
      70 B
       144 B
       1
      1

      DNS Request

      58.55.71.13.in-addr.arpa

    • 8.8.8.8:53
      73.31.126.40.in-addr.arpa
      dns
      71 B
       157 B
       1
      1

      DNS Request

      73.31.126.40.in-addr.arpa

    • 8.8.8.8:53
      41.134.221.88.in-addr.arpa
      dns
      72 B
       137 B
       1
      1

      DNS Request

      41.134.221.88.in-addr.arpa

    • 8.8.8.8:53
      241.150.49.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      241.150.49.20.in-addr.arpa

    • 8.8.8.8:53
      103.169.127.40.in-addr.arpa
      dns
      73 B
       147 B
       1
      1

      DNS Request

      103.169.127.40.in-addr.arpa

    • 8.8.8.8:53
      206.23.85.13.in-addr.arpa
      dns
      71 B
       145 B
       1
      1

      DNS Request

      206.23.85.13.in-addr.arpa

    • 8.8.8.8:53
      217.135.221.88.in-addr.arpa
      dns
      73 B
       139 B
       1
      1

      DNS Request

      217.135.221.88.in-addr.arpa

    • 8.8.8.8:53
      218.135.221.88.in-addr.arpa
      dns
      73 B
       139 B
       1
      1

      DNS Request

      218.135.221.88.in-addr.arpa

    • 8.8.8.8:53
      66.134.221.88.in-addr.arpa
      dns
      72 B
       137 B
       1
      1

      DNS Request

      66.134.221.88.in-addr.arpa

    • 8.8.8.8:53

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.