Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    21/04/2024, 16:31

General

  • Target

    ffb54a593c21770e07a7a8ed29eb4398_JaffaCakes118.exe

  • Size

    92KB

  • MD5

    ffb54a593c21770e07a7a8ed29eb4398

  • SHA1

    a5bcd270739afdd2f29c9849f4c7f2e16602c518

  • SHA256

    bf10c79411a7a7fa0160ecbca40e56bf5820655c2e6da9c5e44a7a35192f2c0d

  • SHA512

    d07ecb76499531117e267ac949c74dc1dbc96f65a17036ce6f15154eb688fcd23120e6cfca861d15c42a304888b277f1d9dea1a65dab987ee541968f94935d55

  • SSDEEP

    1536:SSOhET7Ou4QaJ0IBSuxkXJFL3mmK/RYsxKAIs27OxiEGPYKI/TkF/00J6IA7cBa:ST/3JzBvwl2m0vMzVX5SkF/MoBa

Score
5/10

Malware Config

Signatures

  • Drops file in System32 directory 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ffb54a593c21770e07a7a8ed29eb4398_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\ffb54a593c21770e07a7a8ed29eb4398_JaffaCakes118.exe"
    • Drops file in System32 directory
    • Suspicious use of SetWindowsHookEx
    PID:2212

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Windows\Temp\tmp.exe

    Filesize

    48KB

    MD5

    d37ae54968a67ce298f4a9b1c09ff1f6

    SHA1

    dc38ef9d179154a5f5b613dad2196b0c63f78468

    SHA256

    9bb70645d4abb7e288a9f2f077a696bdc6fc4c3c3a5418e0a7fcbbfb95675a63

    SHA512

    7c117a0962cb2fafb63b6a98fefa97e57b70958482582c210005aa734cc7079095fff2ded922cb592b197ad7f9dc684ae2ed5df3d236c01a6c4903b89839b2b1