Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
21/04/2024, 16:31
Static task
static1
Behavioral task
behavioral1
Sample
ffb54a593c21770e07a7a8ed29eb4398_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ffb54a593c21770e07a7a8ed29eb4398_JaffaCakes118.exe
Resource
win10v2004-20240412-en
General
-
Target
ffb54a593c21770e07a7a8ed29eb4398_JaffaCakes118.exe
-
Size
92KB
-
MD5
ffb54a593c21770e07a7a8ed29eb4398
-
SHA1
a5bcd270739afdd2f29c9849f4c7f2e16602c518
-
SHA256
bf10c79411a7a7fa0160ecbca40e56bf5820655c2e6da9c5e44a7a35192f2c0d
-
SHA512
d07ecb76499531117e267ac949c74dc1dbc96f65a17036ce6f15154eb688fcd23120e6cfca861d15c42a304888b277f1d9dea1a65dab987ee541968f94935d55
-
SSDEEP
1536:SSOhET7Ou4QaJ0IBSuxkXJFL3mmK/RYsxKAIs27OxiEGPYKI/TkF/00J6IA7cBa:ST/3JzBvwl2m0vMzVX5SkF/MoBa
Malware Config
Signatures
-
Drops file in System32 directory 1 IoCs
description ioc Process File opened for modification C:\Windows\SysWOW64\s.exe ffb54a593c21770e07a7a8ed29eb4398_JaffaCakes118.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of SetWindowsHookEx 1 IoCs
pid Process 2212 ffb54a593c21770e07a7a8ed29eb4398_JaffaCakes118.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
48KB
MD5d37ae54968a67ce298f4a9b1c09ff1f6
SHA1dc38ef9d179154a5f5b613dad2196b0c63f78468
SHA2569bb70645d4abb7e288a9f2f077a696bdc6fc4c3c3a5418e0a7fcbbfb95675a63
SHA5127c117a0962cb2fafb63b6a98fefa97e57b70958482582c210005aa734cc7079095fff2ded922cb592b197ad7f9dc684ae2ed5df3d236c01a6c4903b89839b2b1