Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
41s -
max time network
48s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
-
submitted
01/07/2024, 17:26 UTC
General
-
Target
1bdefa4ee7f84b4eabc182263b39ed91_JaffaCakes118.exe
-
Size
420KB
-
MD5
1bdefa4ee7f84b4eabc182263b39ed91
-
SHA1
8ae0203529fcc18a2ea0d5db1b9f502bf10f6201
-
SHA256
4ba016e3ba5ca6b829813e78dcea0c228125bcfbea6eea6fecc2e6df3144a448
-
SHA512
44427a6c68d191e3ed8dfda675b8cfd5cfa1247cccae321b95fd2ac8e562b7722ba586f29e11ca081ff975b43abb54882e1485ed20d031eb73cced4770f3050d
-
SSDEEP
12288:JMZ4u/q8jE5pxDf1WiW70tR1nq3+z1SlgGfvX:JK3yIAHT1WiWEvWl73X
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\1bdefa4ee7f84b4eabc182263b39ed91_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\1bdefa4ee7f84b4eabc182263b39ed91_JaffaCakes118.exe"1⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3548 -s 5482⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 3548 -ip 35481⤵
Network
-
DNS8.8.8.8.in-addr.arpaRemote address:8.8.8.8:53Request8.8.8.8.in-addr.arpaIN PTR -
DNS8.8.8.8.in-addr.arpaRemote address:8.8.8.8:53Request8.8.8.8.in-addr.arpaIN PTR
-
DNS8.8.8.8.in-addr.arpaRemote address:8.8.8.8:53Request8.8.8.8.in-addr.arpaIN PTR
-
DNS8.8.8.8.in-addr.arpaRemote address:8.8.8.8:53Request8.8.8.8.in-addr.arpaIN PTR
-
DNS8.8.8.8.in-addr.arpaRemote address:8.8.8.8:53Request8.8.8.8.in-addr.arpaIN PTR
No results found
-
8.8.8.8:538.8.8.8.in-addr.arpadns
DNS Request
8.8.8.8.in-addr.arpa
DNS Request
8.8.8.8.in-addr.arpa
DNS Request
8.8.8.8.in-addr.arpa
DNS Request
8.8.8.8.in-addr.arpa
DNS Request
8.8.8.8.in-addr.arpa
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
24KB
-
Filesize
804KB