Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
148s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20240426-en -
resource tags
-
submitted
09/05/2024, 21:13
General
-
Target
2bbb36d2fc9cea2c2cd9e1d79b747032_JaffaCakes118.exe
-
Size
17.9MB
-
MD5
2bbb36d2fc9cea2c2cd9e1d79b747032
-
SHA1
1afcf4c95067493a0329a59d851989a0a1a4280b
-
SHA256
bdf243c28bd6546d82912f0c9b8d9a4066aa480e3e6ffe3743133bd99b1b6e09
-
SHA512
cf5799e738aa54bf491ec31c92abb729876f32dd56018737612acad6225020599d66d4176cdd34f48ec8b8248345e2cb2c23332a08fd44fc5738ccd4b8044b6a
-
SSDEEP
393216:1QIeEr3FJEJzphbtprN3rdEgaUYdqYw1W+/:1QItr3F+Jz3TEgUdqtW+
Score
4/10
Malware Config
Signatures
-
Drops file in Windows directory 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2bbb36d2fc9cea2c2cd9e1d79b747032_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\2bbb36d2fc9cea2c2cd9e1d79b747032_JaffaCakes118.exe"1⤵
- Drops file in Windows directory
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c C:\Windows\sv.bat2⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\reg.exereg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender" /v DisableAntiSpyware /t REG_DWORD /d 1 /f3⤵
-
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
116B
MD525d71d5cf6b64e80d1fa1b821d11248b
SHA1238ecb551bba5267e8ae98d4d8f33297a85b0458
SHA2564a3b8ebb44d9f024ac262aef474480295d2fa1bb9bd810e2404d4d4165aa6e10
SHA512b2c5cc972cfe10b599c5e905828eb67f74c424f4ca8fc0f05937ab777a847bc9cdc4f03b7373f0abec74f4c31a37ac01bb56d2c602a6e4560f35bb4f6f81dc49