Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

b13f2fa51b...118.js

windows7-x64

3

b13f2fa51b...118.js

windows10-2004-x64

3

Analysis

  • max time kernel
    141s
  • max time network
    162s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16/06/2024, 02:05 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b13f2fa51b6003b44f56989adaa56863_JaffaCakes118.js

  • Size

    141KB

  • MD5

    b13f2fa51b6003b44f56989adaa56863

  • SHA1

    5c574736055c99510f1b08c3c56fbb144139ee77

  • SHA256

    c1b0e2c20e752bc13a53541d02cc7a6be2c0b53f75bdaafd704c6b2d875cbd09

  • SHA512

    dd4a8e10e90c5e313029b53201a7e5d2703849882d6ec2f4a72dac75376d68b991e68bb3d19f0fea5fec8eea4ebffef9f6fc81d3f15eb984427346741b664927

  • SSDEEP

    3072:9SGZ6N+9a2VcG+MQu5AulgYcyHOZ99Lp3UQqlZRvF0fLLjos52qhqnVW+:9d+MQ2AulgfyHOZ99Lp3UQqlZRvF0zL6

Score
3/10
execution

Malware Config

Signatures

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\b13f2fa51b6003b44f56989adaa56863_JaffaCakes118.js
    1⤵
      PID:4292
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=940 --field-trial-handle=2252,i,16504368816373493055,9578615028378602855,262144 --variations-seed-version /prefetch:8
      1⤵
        PID:1256

      Network

      • flag-us
        DNS
        209.205.72.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        209.205.72.20.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        0.205.248.87.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        0.205.248.87.in-addr.arpa
        IN PTR
        Response
        0.205.248.87.in-addr.arpa
        IN PTR
        https-87-248-205-0lgwllnwnet
      • flag-us
        DNS
        95.221.229.192.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        95.221.229.192.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        241.150.49.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        241.150.49.20.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        97.17.167.52.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        97.17.167.52.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        183.59.114.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        183.59.114.20.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        171.39.242.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        171.39.242.20.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        239.249.30.184.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        239.249.30.184.in-addr.arpa
        IN PTR
        Response
        239.249.30.184.in-addr.arpa
        IN PTR
        a184-30-249-239deploystaticakamaitechnologiescom
      • flag-us
        DNS
        58.55.71.13.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        58.55.71.13.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        139.53.16.96.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        139.53.16.96.in-addr.arpa
        IN PTR
        Response
        139.53.16.96.in-addr.arpa
        IN PTR
        a96-16-53-139deploystaticakamaitechnologiescom
      • flag-us
        DNS
        0.204.248.87.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        0.204.248.87.in-addr.arpa
        IN PTR
        Response
        0.204.248.87.in-addr.arpa
        IN PTR
        https-87-248-204-0lhrllnwnet
      • flag-us
        DNS
        14.227.111.52.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        14.227.111.52.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        95.16.208.104.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        95.16.208.104.in-addr.arpa
        IN PTR
        Response
      • 96.16.110.114:80
        260 B
         5
      • 13.107.253.64:443
        46 B
         40 B
         1
        1
      • 52.142.223.178:80
        322 B
         7
      • 8.8.8.8:53
        0.205.248.87.in-addr.arpa
        dns
        71 B
         116 B
         1
        1

        DNS Request

        0.205.248.87.in-addr.arpa

      • 8.8.8.8:53
        209.205.72.20.in-addr.arpa
        dns
        72 B
         158 B
         1
        1

        DNS Request

        209.205.72.20.in-addr.arpa

      • 8.8.8.8:53
        95.221.229.192.in-addr.arpa
        dns
        73 B
         144 B
         1
        1

        DNS Request

        95.221.229.192.in-addr.arpa

      • 8.8.8.8:53
        241.150.49.20.in-addr.arpa
        dns
        72 B
         158 B
         1
        1

        DNS Request

        241.150.49.20.in-addr.arpa

      • 8.8.8.8:53
        97.17.167.52.in-addr.arpa
        dns
        71 B
         145 B
         1
        1

        DNS Request

        97.17.167.52.in-addr.arpa

      • 8.8.8.8:53
        183.59.114.20.in-addr.arpa
        dns
        72 B
         158 B
         1
        1

        DNS Request

        183.59.114.20.in-addr.arpa

      • 8.8.8.8:53
        171.39.242.20.in-addr.arpa
        dns
        72 B
         158 B
         1
        1

        DNS Request

        171.39.242.20.in-addr.arpa

      • 8.8.8.8:53
        239.249.30.184.in-addr.arpa
        dns
        73 B
         139 B
         1
        1

        DNS Request

        239.249.30.184.in-addr.arpa

      • 8.8.8.8:53
        58.55.71.13.in-addr.arpa
        dns
        70 B
         144 B
         1
        1

        DNS Request

        58.55.71.13.in-addr.arpa

      • 8.8.8.8:53
        139.53.16.96.in-addr.arpa
        dns
        71 B
         135 B
         1
        1

        DNS Request

        139.53.16.96.in-addr.arpa

      • 8.8.8.8:53
        0.204.248.87.in-addr.arpa
        dns
        71 B
         116 B
         1
        1

        DNS Request

        0.204.248.87.in-addr.arpa

      • 8.8.8.8:53
        14.227.111.52.in-addr.arpa
        dns
        72 B
         158 B
         1
        1

        DNS Request

        14.227.111.52.in-addr.arpa

      • 8.8.8.8:53
        95.16.208.104.in-addr.arpa
        dns
        72 B
         146 B
         1
        1

        DNS Request

        95.16.208.104.in-addr.arpa

      MITRE ATT&CK Enterprise v15

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      We care about your privacy.

      This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.