Analysis

  • max time kernel
    80s
  • max time network
    100s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    25/06/2024, 07:04

General

  • Target

    0d23252a8e23a2893bdfb539bf1a08a1_JaffaCakes118.exe

  • Size

    15KB

  • MD5

    0d23252a8e23a2893bdfb539bf1a08a1

  • SHA1

    cf1efcdd96ec996955c02c682a6fa547d0775d50

  • SHA256

    40f80e4bac3576179708fc0efc7dae0be0351050013ef51066eec25c62fb8110

  • SHA512

    691c19a459d6a241319feaaf4ab50ff4959399099339f3073897a83efc16b4fbe36c4f11937a62e2c3b128ecbf13c16bf975b78e957f86d3d9c515507ba43545

  • SSDEEP

    384:oqP06f+3rtPO4kwOzZR/NYxOoYpXGbBuPWJoKw:oqP06fIpm4kwOMdI0o/

Score
10/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\0d23252a8e23a2893bdfb539bf1a08a1_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\0d23252a8e23a2893bdfb539bf1a08a1_JaffaCakes118.exe"
    1⤵
    • Modifies firewall policy service
    PID:3552
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 3552 -s 336
      2⤵
      • Program crash
      PID:400
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 3552 -ip 3552
    1⤵
      PID:2692

    Network

    MITRE ATT&CK Enterprise v15
