Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
149s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
21/04/2024, 10:46
General
-
Target
ff1aa31f4f6715bfef4d623cede134b2_JaffaCakes118.exe
-
Size
265KB
-
MD5
ff1aa31f4f6715bfef4d623cede134b2
-
SHA1
4500642f61626fd7cd4fa471169619460eeed7d2
-
SHA256
aa9b6dcb936a8fe6826e12fbf628c3ca0c85b5eede66c450ff3b4838a84dcc2b
-
SHA512
e1f46c46d3ae5e21c9c53e57470824f3d26f797684ed5b088d146324c736508b87f094354cb3f5c6ae0f69f1423d69455adf60d4d551515f2607f626b550f49a
-
SSDEEP
3072:yqnuKBRTUZWtKkKjCS7jsiGTUexestDFP3ZgX7F7CKSuXYxUfJhse+VCI4K+iZPb:yqnu4DtKmSfsiUUerPI71SXWwehBiB
Score
10/10
Malware Config
Extracted
Family
gcleaner
C2
ggg-cl.biz
45.9.20.13
Signatures
-
GCleaner
GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
-
OnlyLogger
A tiny loader that uses IPLogger to get its payload.
-
OnlyLogger payload 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\ff1aa31f4f6715bfef4d623cede134b2_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\ff1aa31f4f6715bfef4d623cede134b2_JaffaCakes118.exe"1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1024KB
-
Filesize
188KB
-
Filesize
39.5MB
-
Filesize
39.5MB
-
Filesize
1024KB
-
Filesize
188KB