Analysis
-
max time kernel
150s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system -
submitted
11/05/2024, 15:47
Behavioral task
behavioral1
Sample
3558986122c8758d539f230d9258562a_JaffaCakes118.exe
Resource
win7-20240508-en
3 signatures
150 seconds
Behavioral task
behavioral2
Sample
3558986122c8758d539f230d9258562a_JaffaCakes118.exe
Resource
win10v2004-20240508-en
3 signatures
150 seconds
General
-
Target
3558986122c8758d539f230d9258562a_JaffaCakes118.exe
-
Size
2.2MB
-
MD5
3558986122c8758d539f230d9258562a
-
SHA1
6de9710aa690b020c40c945901ff0e4c409e12e2
-
SHA256
baac1803ede2d2601ff58a603916e0e55a23c12b2358c49afbb8a13cb100ffa1
-
SHA512
86aaae73a2ffe83e96250ce9597acad6d8f5a728108ef4c1d8ed6338a29725aca1acb0909a1057d207e73a66e8e591d58a3c9a37b367ed9d12d2efbbe332ebdc
-
SSDEEP
49152:o+4InJLeXR3vtrE9K/3RmnQtSyjK0s3nd7vURw/Iu:J4IJLC4w/hmnNt7vx/t
Score
7/10
Malware Config
Signatures
-
resource yara_rule
behavioral1/memory/1736-11-0x00000000003C0000-0x00000000008A9000-memory.dmp vmprotect
behavioral1/memory/1736-13-0x00000000003C0000-0x00000000008A9000-memory.dmp vmprotect
-
Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
pid Process
1736 3558986122c8758d539f230d9258562a_JaffaCakes118.exe
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
pid Process
1736 3558986122c8758d539f230d9258562a_JaffaCakes118.exe