Analysis
max time kernel: 140s
max time network: 123s
platform: windows10-2004_x64
resource: win10v2004-20240611-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
submitted: 24/06/2024, 20:22
Static task: static1

Behavioral task: behavioral1
Sample: 0aabbce1efd14327d50739e1e9be306b_JaffaCakes118.exe
Resource: win7-20240611-en

Behavioral task: behavioral2
Sample: 0aabbce1efd14327d50739e1e9be306b_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: 0aabbce1efd14327d50739e1e9be306b_JaffaCakes118.exe
Size: 298KB
MD5: 0aabbce1efd14327d50739e1e9be306b
SHA1: b778875fff7e8d4df1a7e35108cc686d83c007d2
SHA256: 0c48ab92f21bc57cd8f1eb7aae4adb3541f9261da4bc065accdc4bd0fbecaf4c
SHA512: 40c62ce6c8fc06f5e00e7987141840937b8c15f370f72ddea676014f832471f1b60f824589e0de5a7eeb16dfc352fffe1e5869200ac96dbcdccda964914ece2e
SSDEEP: 6144:LEcEYCW+j1z1p5EmkC+h9A+x3X60zfriGZv2MaVl/s:xD4jV1gmkBhTJq0DrVJCVl/
Malware Config
Signatures
Unexpected DNS network traffic destination (1 IoCs)
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
description       ioc
Destination IP    94.242.250.64

Suspicious behavior: EnumeratesProcesses (2 IoCs)
pid     Process
4364    0aabbce1efd14327d50739e1e9be306b_JaffaCakes118.exe
4364    0aabbce1efd14327d50739e1e9be306b_JaffaCakes118.exe

Suspicious use of AdjustPrivilegeToken (2 IoCs)
description                pid     Process
Token: SeDebugPrivilege    4364    0aabbce1efd14327d50739e1e9be306b_JaffaCakes118.exe
Token: SeDebugPrivilege    4364    0aabbce1efd14327d50739e1e9be306b_JaffaCakes118.exe