Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
147s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
-
submitted
14/06/2024, 17:37
General
-
Target
aaf22df556d21bd1720cd97667875320_JaffaCakes118.exe
-
Size
925KB
-
MD5
aaf22df556d21bd1720cd97667875320
-
SHA1
1740958769868d0ee412f1163e925a64939f3bec
-
SHA256
1fc227d355b165743a37b92dd129c088cd51591e36beb9e8f2c670ddde7610b7
-
SHA512
ec8aba67952ef7de45fd093bce212e6aaa1c4364c41de6185b7c75172f44263b1795bc6ec820b5caae63495d86273621ae124c479bbc4cdc2532b58f9842155b
-
SSDEEP
6144:LKSD7pPGByB7b8Cm6+bG50ggmH0cZBFSEds+J/mwbnX3Ef0wEP39pPzsWL:O+7pPGBydIrmeEoEdPJPbX3E1EP39XL
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
Suspicious behavior: EnumeratesProcesses 18 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\aaf22df556d21bd1720cd97667875320_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\aaf22df556d21bd1720cd97667875320_JaffaCakes118.exe"1⤵
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
504KB
MD52fbe78ebb59f2be598200dcb03515ce7
SHA102a4c5c9818f285eba20549bd60afe2517bac2b8
SHA2569b68792284fcbac9df61ac85a1e3ad37509442b7ca7ef4336b18a552378c9348
SHA512cc3d7f3c3f98f0f1fe5f642b333e2ff2f041982943f48778a9af1e634b8e588262297b916c2f39f20a813f9aecb65a803a1058c2594bd5e0c93e8a180c1898bd