Analysis

  • max time kernel
    147s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    06/04/2024, 14:40

General

  • Target

    e2c35a18eadf6cb3ddc6fcd7b69237a0_JaffaCakes118.exe

  • Size

    269KB

  • MD5

    e2c35a18eadf6cb3ddc6fcd7b69237a0

  • SHA1

    3559ed4b2d6e8e363c5e539aec2a8b7c7a58e3c0

  • SHA256

    e702273d988557cad1dc79a54e27a4d063486bfd31a9efdcb442b301a483159c

  • SHA512

    169d4cf0e940f12f42036a1f1eeb8fa3e370eebbcd34d1ee366c2b08a1e61e88ddc73108375c1be34cee42acabc5a260014c3c07bad5af0a02f3841e66e4b05a

  • SSDEEP

    3072:YbXiwzKuYtMeMQK1ufgEyXFJieLjU0jC14B7mrZcAPQIX5:6Tm2eMQ6SgFXbt7iZ54I

Score
6/10

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e2c35a18eadf6cb3ddc6fcd7b69237a0_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\e2c35a18eadf6cb3ddc6fcd7b69237a0_JaffaCakes118.exe"
    • Adds Run key to start application
    • Suspicious behavior: RenamesItself
    PID:4000

Network

MITRE ATT&CK Enterprise v15
