Analysis

  • max time kernel
    147s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240508-en locale:en-us os:windows10-2004-x64 system
  • submitted
    14/06/2024, 17:37

General

  • Target

    aaf22df556d21bd1720cd97667875320_JaffaCakes118.exe

  • Size

    925KB

  • MD5

    aaf22df556d21bd1720cd97667875320

  • SHA1

    1740958769868d0ee412f1163e925a64939f3bec

  • SHA256

    1fc227d355b165743a37b92dd129c088cd51591e36beb9e8f2c670ddde7610b7

  • SHA512

    ec8aba67952ef7de45fd093bce212e6aaa1c4364c41de6185b7c75172f44263b1795bc6ec820b5caae63495d86273621ae124c479bbc4cdc2532b58f9842155b

  • SSDEEP

    6144:LKSD7pPGByB7b8Cm6+bG50ggmH0cZBFSEds+J/mwbnX3Ef0wEP39pPzsWL:O+7pPGBydIrmeEoEdPJPbX3E1EP39XL

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 18 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\aaf22df556d21bd1720cd97667875320_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\aaf22df556d21bd1720cd97667875320_JaffaCakes118.exe"
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    PID:3040

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\TestSecurity.5.5.0.1.dll

    Filesize

    504KB

    MD5

    2fbe78ebb59f2be598200dcb03515ce7

    SHA1

    02a4c5c9818f285eba20549bd60afe2517bac2b8

    SHA256

    9b68792284fcbac9df61ac85a1e3ad37509442b7ca7ef4336b18a552378c9348

    SHA512

    cc3d7f3c3f98f0f1fe5f642b333e2ff2f041982943f48778a9af1e634b8e588262297b916c2f39f20a813f9aecb65a803a1058c2594bd5e0c93e8a180c1898bd