Analysis
- max time kernel: 140s
- max time network: 122s
- platform: windows7_x64
- resource: win7-20240708-en
- resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
- submitted: 13/07/2024, 11:56
Static task: static1
Behavioral task: behavioral1
- Sample: 418f2d9fecd0a97b3a4d582757d8a09e_JaffaCakes118.exe
- Resource: win7-20240708-en
Behavioral task: behavioral2
- Sample: 418f2d9fecd0a97b3a4d582757d8a09e_JaffaCakes118.exe
- Resource: win10v2004-20240709-en
General
- Target: 418f2d9fecd0a97b3a4d582757d8a09e_JaffaCakes118.exe
- Size: 140KB
- MD5: 418f2d9fecd0a97b3a4d582757d8a09e
- SHA1: c6b6fcf46c5c42ae7566b14bf99cd20aba3213bb
- SHA256: d034a3a2ab2990a7fcfa1276219c96ae2f765da6a4997e50729d3baf6de29afb
- SHA512: 8849081255ec33938af96f7019f79f1b12e98a1b8413c5ad95d63eb21fd7b11dda3e1c4d5f1ada718183b0854b9b723a6a5d6408a32917c09be0d7fb237d2a48
- SSDEEP: 3072:+8U2yJN5f661xRZbALxB1Ojdgx8GYgw/XeyXJke:+8U2qy6rRZb7jxGYgWxJj
Malware Config
Signatures
- description: Key created
  ioc: \REGISTRY\USER\S-1-5-21-2958949473-3205530200-1453100116-1000\Software\Microsoft\Internet Explorer\Main
  Process: 418f2d9fecd0a97b3a4d582757d8a09e_JaffaCakes118.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid: 2948, Process: 418f2d9fecd0a97b3a4d582757d8a09e_JaffaCakes118.exe
- Suspicious use of SetWindowsHookEx (2 IoCs)
  pid: 2948, Process: 418f2d9fecd0a97b3a4d582757d8a09e_JaffaCakes118.exe
  pid: 2948, Process: 418f2d9fecd0a97b3a4d582757d8a09e_JaffaCakes118.exe
Processes
C:\Users\Admin\AppData\Local\Temp\418f2d9fecd0a97b3a4d582757d8a09e_JaffaCakes118.exe
Command line: "C:\Users\Admin\AppData\Local\Temp\418f2d9fecd0a97b3a4d582757d8a09e_JaffaCakes118.exe"
- Modifies Internet Explorer settings
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2948