Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

b37305c1fd...118.js

windows7-x64

3

b37305c1fd...118.js

windows10-2004-x64

3

Analysis

  • max time kernel
    94s
  • max time network
    96s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16/06/2024, 12:13 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b37305c1fd45722cfe34a9a5caec5c14_JaffaCakes118.js

  • Size

    88KB

  • MD5

    b37305c1fd45722cfe34a9a5caec5c14

  • SHA1

    82252a105b3ab1ac45370919e389ea5707297eb4

  • SHA256

    84c39b88395b3426893670336921880db1bc2fad97fdc73ec212ad2e8c6bbeef

  • SHA512

    4fbd0727bc61e5f54612f4dac8febfe5c883421bb3e96398e53eecbcf3bbc74d12ce1a67a8e857c0439525f1ccda5276ded398f992fe38e963849ae1e8cee329

  • SSDEEP

    384:pb5lo6AN1BMSBMt90d1MO7hWc2QAiI4Rxtfacf8+lCsxm9bP4m8o8fppppppTRup:pbCCSCu9O6v9f86m9bP4y8TRuvY0h

Score
3/10
execution

Malware Config

Signatures

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\b37305c1fd45722cfe34a9a5caec5c14_JaffaCakes118.js
    1⤵
      PID:3160

    Network

    • flag-us
      DNS
      73.159.190.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      73.159.190.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      157.123.68.40.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      157.123.68.40.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      240.197.17.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      240.197.17.2.in-addr.arpa
      IN PTR
      Response
      240.197.17.2.in-addr.arpa
      IN PTR
      a2-17-197-240deploystaticakamaitechnologiescom
    • flag-us
      DNS
      56.126.166.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      56.126.166.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      31.121.18.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      31.121.18.2.in-addr.arpa
      IN PTR
      Response
      31.121.18.2.in-addr.arpa
      IN PTR
      a2-18-121-31deploystaticakamaitechnologiescom
    • flag-us
      DNS
      31.121.18.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      31.121.18.2.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      249.197.17.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      249.197.17.2.in-addr.arpa
      IN PTR
      Response
      249.197.17.2.in-addr.arpa
      IN PTR
      a2-17-197-249deploystaticakamaitechnologiescom
    • flag-us
      DNS
      88.210.23.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      88.210.23.2.in-addr.arpa
      IN PTR
      Response
      88.210.23.2.in-addr.arpa
      IN PTR
      a2-23-210-88deploystaticakamaitechnologiescom
    • flag-us
      DNS
      13.227.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      13.227.111.52.in-addr.arpa
      IN PTR
      Response
    No results found
    • 8.8.8.8:53
      73.159.190.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      73.159.190.20.in-addr.arpa

    • 8.8.8.8:53
      157.123.68.40.in-addr.arpa
      dns
      72 B
       146 B
       1
      1

      DNS Request

      157.123.68.40.in-addr.arpa

    • 8.8.8.8:53
      240.197.17.2.in-addr.arpa
      dns
      71 B
       135 B
       1
      1

      DNS Request

      240.197.17.2.in-addr.arpa

    • 8.8.8.8:53
      56.126.166.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      56.126.166.20.in-addr.arpa

    • 8.8.8.8:53
      31.121.18.2.in-addr.arpa
      dns
      140 B
       133 B
       2
      1

      DNS Request

      31.121.18.2.in-addr.arpa

      DNS Request

      31.121.18.2.in-addr.arpa

    • 8.8.8.8:53
      249.197.17.2.in-addr.arpa
      dns
      71 B
       135 B
       1
      1

      DNS Request

      249.197.17.2.in-addr.arpa

    • 8.8.8.8:53
      88.210.23.2.in-addr.arpa
      dns
      70 B
       133 B
       1
      1

      DNS Request

      88.210.23.2.in-addr.arpa

    • 8.8.8.8:53
      13.227.111.52.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      13.227.111.52.in-addr.arpa

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.