Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
142s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
12/06/2024, 15:55
Static task
static1
Behavioral task
behavioral1
Sample
a13ba0c1fdbad7648de9e93a4aaa17f6_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a13ba0c1fdbad7648de9e93a4aaa17f6_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
a13ba0c1fdbad7648de9e93a4aaa17f6_JaffaCakes118.exe
-
Size
571KB
-
MD5
a13ba0c1fdbad7648de9e93a4aaa17f6
-
SHA1
46ab2afaa7e289be5eb4bd3626be8144defb532a
-
SHA256
807b3866f5bf73d6d441d67a080ddb825de6b099f46f43b3a693c7f8d089ef03
-
SHA512
e5944285b22af01af3de441b68539d890e32e043387f7f8bc445ce4482ae1ec157bc0ad8ceb6d5198d2fa1f1d33f30efedcc9902fdb360d06a3b0823079551f9
-
SSDEEP
6144:jRwfqUKDPM5x3/nHFGpkg+p3F2wN2tjbTwxcueNrXa1DTgjAuJqaLe8tx8IZfL:W/nl99dF/2XUcVNrK1DTgS7TIZT
Malware Config
Signatures
-
Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
pid Process 2028 a13ba0c1fdbad7648de9e93a4aaa17f6_JaffaCakes118.exe -
Suspicious behavior: EnumeratesProcesses 1 IoCs
pid Process 2028 a13ba0c1fdbad7648de9e93a4aaa17f6_JaffaCakes118.exe