Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
141s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240611-en -
resource tags
-
submitted
27/06/2024, 14:34
General
-
Target
1659139b1d4c61373ebd12b828b7b22d_JaffaCakes118.dll
-
Size
28KB
-
MD5
1659139b1d4c61373ebd12b828b7b22d
-
SHA1
d704fa7c1a78d882fbf8e75e32dd3abe65e24f59
-
SHA256
0a37a4a164458f33565c261f080aa49f5e64244fb714b0fd0ae80073eb18961d
-
SHA512
4c584f0b003da67e4c59d34584895fb89420730ef6034e6d7a3cdfd7e0f06dd425ae746b43651e846c9068275c3f0f80f7fa21374212af90b8b8691bea9f1c4d
-
SSDEEP
384:IwysuWc+WNCHXf1u2xC1Xa4XXripoOFekWO0a8Q4VCVlTjotKuCQjJu/E/Gk+bPY:NG+WN+f1hPM2h8xVkdIKuHj//GxT
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\1659139b1d4c61373ebd12b828b7b22d_JaffaCakes118.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\1659139b1d4c61373ebd12b828b7b22d_JaffaCakes118.dll,#12⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 672 -s 5443⤵
- Program crash
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 672 -ip 6721⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
84KB