Analysis
- max time kernel: 117s
- max time network: 121s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
- submitted: 06/04/2024, 14:40
Static task: static1
Behavioral task: behavioral1
- Sample: e2c35a18eadf6cb3ddc6fcd7b69237a0_JaffaCakes118.exe
- Resource: win7-20240221-en
Behavioral task: behavioral2
- Sample: e2c35a18eadf6cb3ddc6fcd7b69237a0_JaffaCakes118.exe
- Resource: win10v2004-20240226-en
General
- Target: e2c35a18eadf6cb3ddc6fcd7b69237a0_JaffaCakes118.exe
- Size: 269KB
- MD5: e2c35a18eadf6cb3ddc6fcd7b69237a0
- SHA1: 3559ed4b2d6e8e363c5e539aec2a8b7c7a58e3c0
- SHA256: e702273d988557cad1dc79a54e27a4d063486bfd31a9efdcb442b301a483159c
- SHA512: 169d4cf0e940f12f42036a1f1eeb8fa3e370eebbcd34d1ee366c2b08a1e61e88ddc73108375c1be34cee42acabc5a260014c3c07bad5af0a02f3841e66e4b05a
- SSDEEP: 3072:YbXiwzKuYtMeMQK1ufgEyXFJieLjU0jC14B7mrZcAPQIX5:6Tm2eMQ6SgFXbt7iZ54I
Malware Config
Signatures
- Adds Run key to start application (2 TTPs, 1 IoCs)
  description: Set value (str)
  ioc: \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Windows\CurrentVersion\Run\7072797e746a6833786578 = "C:\\Users\\Admin\\ciwu.exe"
  Process: e2c35a18eadf6cb3ddc6fcd7b69237a0_JaffaCakes118.exe
- Suspicious behavior: RenamesItself (1 IoCs)
  pid: 1624
  Process: e2c35a18eadf6cb3ddc6fcd7b69237a0_JaffaCakes118.exe