Analysis

  • max time kernel
    95s
  • max time network
    126s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    10/07/2024, 00:06

General

  • Target

    328abe98b30b9fa8bdc447401d2d4ed1_JaffaCakes118.exe

  • Size

    628KB

  • MD5

    328abe98b30b9fa8bdc447401d2d4ed1

  • SHA1

    e8fa3ac496a0ed6094fe64ac33e720398a019c5a

  • SHA256

    9265294de83a6a1e2548b686d58e41e74c2abfb89f7b953c79b65881f704794e

  • SHA512

    d2dbee4ec67a3a9999448d6ef79a9d4c97bc04a0b700bb3666d9c6e665007017429a5c7c67bdd1964047f874d5569fa342406e59b10dc4414c3e7e08f3ff7286

  • SSDEEP

    12288:D5ZSqDvQgAl6HKEp6t7JYKF4cSHY6THyH1nI9ESWmtley8psw:D5ZVvDAl6HKEp69JYi49Y6THyVI9ESWh

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\328abe98b30b9fa8bdc447401d2d4ed1_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\328abe98b30b9fa8bdc447401d2d4ed1_JaffaCakes118.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:324

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\offconfig.temp

    Filesize

    597B

    MD5

    0ee70d93e0ea43e1d5e656dcb77c81c4

    SHA1

    7aff6e139ea8f45ed199376f87ca834aaf440137

    SHA256

    680427b60c13486ab269141a3fc9036379d1abf00969a19b0bd5f90c64414976

    SHA512

    418333726c1cb1bf9dbfe022ca2bc13c03b915633921d4ffbfb66f2fe675eecd293864bd138ec87e9c015689e472c56986a092140cffb5f91558f70e9647dd81