Analysis

  • max time kernel
    93s
  • max time network
    125s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240709-en locale:en-us os:windows10-2004-x64 system
  • submitted
    18/07/2024, 10:05

General

  • Target

    56e4ebe68c44b61e9984cc6c70d4383e_JaffaCakes118.dll

  • Size

    340KB

  • MD5

    56e4ebe68c44b61e9984cc6c70d4383e

  • SHA1

    d590cc8ca9093d1d27cb7d827680d111c91ebe95

  • SHA256

    c265e0b5b45cce5e7ca8ac96e4e7d0bc77bbcb71d1e8ce752179452315d48ba0

  • SHA512

    3b9aa43b2576cf170f903c145597289edf0e4c81b1f0d7c2609e5862643d3aca4920c540ab9ae6eb15c3642fcb7b9938f34ccd6ce71c9ee976e1814894585c06

  • SSDEEP

    3072:1vA1p08RqEQAIVEd2gG/vNlo0JFx/pANyCm0PQEKR/JnXHWP:1206xWgGxLxWN40PDKR/JnX2P

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\56e4ebe68c44b61e9984cc6c70d4383e_JaffaCakes118.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4540
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\56e4ebe68c44b61e9984cc6c70d4383e_JaffaCakes118.dll,#1
      2⤵
        PID:848

    Network

    MITRE ATT&CK Matrix
