Analysis
- max time kernel: 79s
- max time network: 99s
- platform: windows10-2004_x64
- resource: win10v2004-20240508-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 27/06/2024, 05:25
Static task
- static1

Behavioral task
- behavioral1
  Sample: 14d2a9ba6381195e2fdbf3e0a4309b9a_JaffaCakes118.exe
  Resource: win7-20240611-en

Behavioral task
- behavioral2
  Sample: 14d2a9ba6381195e2fdbf3e0a4309b9a_JaffaCakes118.exe
  Resource: win10v2004-20240508-en
General
- Target: 14d2a9ba6381195e2fdbf3e0a4309b9a_JaffaCakes118.exe
- Size: 1.0MB
- MD5: 14d2a9ba6381195e2fdbf3e0a4309b9a
- SHA1: 03b342f91565f52ff620e68c5d550524f9b34848
- SHA256: 3411f7271117bbc7a26b1b1a236e15ffe4b93b7692da6907c373dd00730609e6
- SHA512: 3faae4d99e08ea73a83bc8e2ef177c22468a1c3b708eed3e37481378739cac108571b8c6a0ede060f5609650feaf94d8bb84be8602676e28d6357f2c68e52e11
- SSDEEP: 24576:xRSb7V55Nsm2qC6umVYsAoUZCLAYLtTvCpwjTrzWcj:DSb7V54mS6uWpxUw1T6pgT/Wcj
Malware Config
Signatures
- Program crash (1 IoCs)
  pid: 3028
  pid_target: 2756
  Process: WerFault.exe
  procid_target: 79
- Suspicious use of SetWindowsHookEx (1 IoCs)
  pid: 2756
  Process: 14d2a9ba6381195e2fdbf3e0a4309b9a_JaffaCakes118.exe
Processes
- C:\Users\Admin\AppData\Local\Temp\14d2a9ba6381195e2fdbf3e0a4309b9a_JaffaCakes118.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\14d2a9ba6381195e2fdbf3e0a4309b9a_JaffaCakes118.exe"
  PID: 2756
  - Suspicious use of SetWindowsHookEx
  - C:\Windows\SysWOW64\WerFault.exe
    Command line: C:\Windows\SysWOW64\WerFault.exe -u -p 2756 -s 788
    PID: 3028
    - Program crash
- C:\Windows\SysWOW64\WerFault.exe
  Command line: C:\Windows\SysWOW64\WerFault.exe -pss -s 204 -p 2756 -ip 2756
  PID: 1956