Analysis

  • max time kernel
    135s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    01/07/2024, 10:10

General

  • Target

    1ae3d5b3253d7668605cc2cb137d8cd3_JaffaCakes118.exe

  • Size

    626KB

  • MD5

    1ae3d5b3253d7668605cc2cb137d8cd3

  • SHA1

    01ae5a7227888b1e02c41969897161a4c6b66c8b

  • SHA256

    5e199448996ad56c7391a5b867d56082fbec02380743db4ddc4315c26d00aff9

  • SHA512

    8afd0fbedef0f72c298f4958962bc44e3910fd60beb1aab5e0a57746b9ea2929d817fcc0b6a8e9f6e1d7249e8e56cdab4f645e6b73deaf772ba14dc5e9f9a0e3

  • SSDEEP

    12288:I464l1er6/Gf2bLR7JYv2YUb/n0RmD1Hb5pV+BvGYKPpCs:I4hl1er6/Gf2bLpJYvkz0RmD1dpV+B+z

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1ae3d5b3253d7668605cc2cb137d8cd3_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\1ae3d5b3253d7668605cc2cb137d8cd3_JaffaCakes118.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:2172

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\offconfig.temp

    Filesize

    41KB

    MD5

    27098e1681487dbaa5a5fc3ddc0db246

    SHA1

    304f7cc781b0059642ed70bf2e539b2e1762ba61

    SHA256

    937b5ef9347ebc33acdbe772a37d417d8fa1fe12a43a6109b0c5f1e0b3d46963

    SHA512

    d67d870e1a2bee2fe19e73b5cc84509ed4c65e6605e7a265fe7adeca506f662ab3f519721bcdda74d5cd850ab8f4a0fb30c337bcac94a37d59340a70f7822875