Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

eda0064640...118.js

windows7-x64

1

eda0064640...118.js

windows10-2004-x64

1

Analysis

  • max time kernel
    143s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/04/2024, 14:22 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eda00646403ffd6503f45b869a2309d6_JaffaCakes118.js

  • Size

    86KB

  • MD5

    eda00646403ffd6503f45b869a2309d6

  • SHA1

    e17b8717ad8e8350627c9ae5840034d2125157b5

  • SHA256

    c6e17a8a5ebb410bd396ba47f5c3f21e5270856019f3a8bd13b8d51229a226c2

  • SHA512

    e88346ca46fc853466e9d76cc5a73b4dbe2ddb12cad46df8ca4b1479a9f34c6a3454e1edb78b7285a410bb7be87d24b2884849e14c37da855cffcd6ba855ac18

  • SSDEEP

    1536:KeUVrgYtRA+VMI3AbHmEhSD/qiVCfZFt1QL:dU2YtRhMI30vAqiVCfPt12

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\eda00646403ffd6503f45b869a2309d6_JaffaCakes118.js
    1⤵
      PID:1596
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5248 --field-trial-handle=2236,i,5367110156796017614,12594004256180761011,262144 --variations-seed-version /prefetch:8
      1⤵
        PID:2212

      Network

      • flag-us
        DNS
        133.211.185.52.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        133.211.185.52.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        233.143.123.92.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        233.143.123.92.in-addr.arpa
        IN PTR
        Response
        233.143.123.92.in-addr.arpa
        IN PTR
        a92-123-143-233deploystaticakamaitechnologiescom
      • flag-us
        DNS
        74.32.126.40.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        74.32.126.40.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        95.221.229.192.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        95.221.229.192.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        95.221.229.192.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        95.221.229.192.in-addr.arpa
        IN PTR
      • flag-us
        DNS
        196.249.167.52.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        196.249.167.52.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        15.164.165.52.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        15.164.165.52.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        157.123.68.40.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        157.123.68.40.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        65.139.73.23.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        65.139.73.23.in-addr.arpa
        IN PTR
        Response
        65.139.73.23.in-addr.arpa
        IN PTR
        a23-73-139-65deploystaticakamaitechnologiescom
      • flag-us
        DNS
        249.197.17.2.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        249.197.17.2.in-addr.arpa
        IN PTR
        Response
        249.197.17.2.in-addr.arpa
        IN PTR
        a2-17-197-249deploystaticakamaitechnologiescom
      • flag-us
        DNS
        240.197.17.2.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        240.197.17.2.in-addr.arpa
        IN PTR
        Response
        240.197.17.2.in-addr.arpa
        IN PTR
        a2-17-197-240deploystaticakamaitechnologiescom
      • flag-us
        DNS
        233.17.178.52.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        233.17.178.52.in-addr.arpa
        IN PTR
        Response
      • 20.231.121.79:80
        46 B
         1
      • 13.107.246.64:443
        46 B
         40 B
         1
        1
      • 8.8.8.8:53
        133.211.185.52.in-addr.arpa
        dns
        73 B
         147 B
         1
        1

        DNS Request

        133.211.185.52.in-addr.arpa

      • 8.8.8.8:53
        233.143.123.92.in-addr.arpa
        dns
        73 B
         139 B
         1
        1

        DNS Request

        233.143.123.92.in-addr.arpa

      • 8.8.8.8:53
        74.32.126.40.in-addr.arpa
        dns
        71 B
         157 B
         1
        1

        DNS Request

        74.32.126.40.in-addr.arpa

      • 8.8.8.8:53
        95.221.229.192.in-addr.arpa
        dns
        146 B
         144 B
         2
        1

        DNS Request

        95.221.229.192.in-addr.arpa

        DNS Request

        95.221.229.192.in-addr.arpa

      • 8.8.8.8:53
        196.249.167.52.in-addr.arpa
        dns
        73 B
         147 B
         1
        1

        DNS Request

        196.249.167.52.in-addr.arpa

      • 8.8.8.8:53
        tls
        72 B
         160 B
         1
        1
      • 8.8.8.8:53
        15.164.165.52.in-addr.arpa
        dns
        72 B
         146 B
         1
        1

        DNS Request

        15.164.165.52.in-addr.arpa

      • 8.8.8.8:53
        157.123.68.40.in-addr.arpa
        dns
        72 B
         146 B
         1
        1

        DNS Request

        157.123.68.40.in-addr.arpa

      • 8.8.8.8:53
        65.139.73.23.in-addr.arpa
        dns
        71 B
         135 B
         1
        1

        DNS Request

        65.139.73.23.in-addr.arpa

      • 8.8.8.8:53
        249.197.17.2.in-addr.arpa
        dns
        71 B
         135 B
         1
        1

        DNS Request

        249.197.17.2.in-addr.arpa

      • 8.8.8.8:53
        240.197.17.2.in-addr.arpa
        dns
        71 B
         135 B
         1
        1

        DNS Request

        240.197.17.2.in-addr.arpa

      • 8.8.8.8:53
        233.17.178.52.in-addr.arpa
        dns
        72 B
         146 B
         1
        1

        DNS Request

        233.17.178.52.in-addr.arpa

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      We care about your privacy.

      This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.