Analysis

  • max time kernel
    92s
  • max time network
    94s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    20/06/2024, 14:05 UTC

General

  • Target

    06aa61f7fc81e782e60e81f2512867b4_JaffaCakes118.exe

  • Size

    20KB

  • MD5

    06aa61f7fc81e782e60e81f2512867b4

  • SHA1

    ef9631165870c6ded41df8f3d31232dfada7b092

  • SHA256

    a23613933575de002746edf803fcb8a31c261cb9e4d73224d91e5aa8d01fd8b7

  • SHA512

    8595fbb54f430f4a0b000d6e7a02f9563f556021e787696bdc9143f92189fc1ebcaa9a73f71d7ade3b0608b5db06a05bbc613c064934b7eb87b3a0c97515e925

  • SSDEEP

    192:MWWkDvSXK0e8GG6/x2pWiYX7vLOov2keP1oyqwqQ9Z1:MWWkQvktfvbvbI1Uw

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\06aa61f7fc81e782e60e81f2512867b4_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\06aa61f7fc81e782e60e81f2512867b4_JaffaCakes118.exe"
      PID:3660

    Network

    • flag-us
      DNS
      install4.ring520.org
      06aa61f7fc81e782e60e81f2512867b4_JaffaCakes118.exe
      Remote address:
      8.8.8.8:53
      Request
      install4.ring520.org
      IN A
      Response
    • flag-us
      DNS
      install1.ring520.org
      06aa61f7fc81e782e60e81f2512867b4_JaffaCakes118.exe
      Remote address:
      8.8.8.8:53
      Request
      install1.ring520.org
      IN A
      Response
    • flag-us
      DNS
      install2.ring520.org
      06aa61f7fc81e782e60e81f2512867b4_JaffaCakes118.exe
      Remote address:
      8.8.8.8:53
      Request
      install2.ring520.org
      IN A
      Response
    • flag-us
      DNS
      install2.ring520.org
      06aa61f7fc81e782e60e81f2512867b4_JaffaCakes118.exe
      Remote address:
      8.8.8.8:53
      Request
      install2.ring520.org
      IN A
      Response
    • flag-us
      DNS
      8.8.8.8.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      8.8.8.8.in-addr.arpa
      IN PTR
      Response
      8.8.8.8.in-addr.arpa
      IN PTR
      dns.google
    • flag-us
      DNS
      8.8.8.8.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      8.8.8.8.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      8.8.8.8.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      8.8.8.8.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      install3.ring520.org
      06aa61f7fc81e782e60e81f2512867b4_JaffaCakes118.exe
      Remote address:
      8.8.8.8:53
      Request
      install3.ring520.org
      IN A
      Response
    • flag-us
      DNS
      144.107.17.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      144.107.17.2.in-addr.arpa
      IN PTR
      Response
      144.107.17.2.in-addr.arpa
      IN PTR
      a2-17-107-144.deploy.static.akamaitechnologies.com
    • flag-us
      DNS
      144.107.17.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      144.107.17.2.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      209.205.72.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      209.205.72.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      209.205.72.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      209.205.72.20.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      68.159.190.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      68.159.190.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      228.249.119.40.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      228.249.119.40.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      198.187.3.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      198.187.3.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      26.165.165.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      26.165.165.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      107.12.20.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      107.12.20.2.in-addr.arpa
      IN PTR
      Response
      107.12.20.2.in-addr.arpa
      IN PTR
      a2-20-12-107.deploy.static.akamaitechnologies.com
    • flag-us
      DNS
      97.90.14.23.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      97.90.14.23.in-addr.arpa
      IN PTR
      Response
      97.90.14.23.in-addr.arpa
      IN PTR
      a23-14-90-97.deploy.static.akamaitechnologies.com
    • flag-us
      DNS
      172.214.232.199.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      172.214.232.199.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      30.243.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      30.243.111.52.in-addr.arpa
      IN PTR
      Response

    MITRE ATT&CK Matrix
