Analysis
- max time kernel: 52s
- max time network: 51s
- platform: windows10-2004_x64
- resource: win10v2004-20240508-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 24/06/2024, 00:24
Behavioral task: behavioral1
- Sample: 057d503e98eb1252d6b64fe877841092_JaffaCakes118.dll
- Resource: win7-20240508-en
- 1 signatures
- 150 seconds
Behavioral task: behavioral2
- Sample: 057d503e98eb1252d6b64fe877841092_JaffaCakes118.dll
- Resource: win10v2004-20240508-en
- 1 signatures
- 150 seconds
General
- Target: 057d503e98eb1252d6b64fe877841092_JaffaCakes118.dll
- Size: 664KB
- MD5: 057d503e98eb1252d6b64fe877841092
- SHA1: 0c38738d9595b0857f6110e5cf24766132771ca7
- SHA256: d8fbca6d457fde2a437ceb52416d2501175572e56b2358cb3aa0e30a745692a9
- SHA512: aae30f719ade4a7ce9b3bea6cc2984be36d240e781b1b4511e82538ba52a7ba8dc58873f6a5652171f77c968972a545e4127009ce11f4a536bcdccc58d8159ab
- SSDEEP: 12288:2si5g4y9f2QPRmxiDozjLst4kY/P5+YuaVaYlIALrDbzeZ5ea4HMH:2mxFT4jP5+titlJrDWx4y
Score
1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)
  description | pid | Process | procid_target
  PID 2220 wrote to memory of 4592 | 2220 | regsvr32.exe | 81
  PID 2220 wrote to memory of 4592 | 2220 | regsvr32.exe | 81
  PID 2220 wrote to memory of 4592 | 2220 | regsvr32.exe | 81
Processes
- C:\Windows\system32\regsvr32.exe
  regsvr32 /s C:\Users\Admin\AppData\Local\Temp\057d503e98eb1252d6b64fe877841092_JaffaCakes118.dll
  PID: 2220
  Suspicious use of WriteProcessMemory
  - C:\Windows\SysWOW64\regsvr32.exe
    /s C:\Users\Admin\AppData\Local\Temp\057d503e98eb1252d6b64fe877841092_JaffaCakes118.dll
    PID: 4592