Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
147s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system -
submitted
01/07/2024, 11:01
Static task
static1
Behavioral task
behavioral1
Sample
1b0a827018d69d55847f502b37e61bd9_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
1b0a827018d69d55847f502b37e61bd9_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
1b0a827018d69d55847f502b37e61bd9_JaffaCakes118.exe
-
Size
152KB
-
MD5
1b0a827018d69d55847f502b37e61bd9
-
SHA1
42a1a100c57b10a533e18bacba3b0334bbfd8cb0
-
SHA256
44a71431a1102439c0e466a1f56c1ff8311e74a5ee57acd4b47e5b8cb5389af4
-
SHA512
efd4519286733feb02349ad26219c63787b4a14c17eaa260f06d14137c2a35fd39b035ba34cb8d3804fce1fd73a3d516d2401a597a91a9978cbde4b76c1219ce
-
SSDEEP
3072:pmR5LCQThb6qHfpmPKzYIEeh7m8h+38oW4OUSKwFZai:AR5LfJCaDEe08h+3rZi
Malware Config
Signatures
-
Drops file in System32 directory 1 IoCs
description ioc Process File opened for modification C:\Windows\SysWOW64\s.exe 1b0a827018d69d55847f502b37e61bd9_JaffaCakes118.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of SetWindowsHookEx 1 IoCs
pid Process 4604 1b0a827018d69d55847f502b37e61bd9_JaffaCakes118.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
60KB
MD54eb649568d1c132f86c79182244099a1
SHA1089058a0a738497b1d9031eb86ccee1c34575bba
SHA2568650e4dcd84712ec6213119b06e718364a742567e7942a62c8503ac047f38f7f
SHA51245c4de6b94b22c8453955efee7ee8641135b7405743010b72284e1e45aaf51a90beaf78f9b5078d167908e410279acd592fd5a0c2c52aa0c980e8741453209b7