Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
149s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240709-en -
resource tags
-
submitted
19/07/2024, 12:12
General
-
Target
5be423c25fa3e6a6022de20f282ff7cb_JaffaCakes118.exe
-
Size
68KB
-
MD5
5be423c25fa3e6a6022de20f282ff7cb
-
SHA1
b9d80693cb562ae2d14506d1c873505a2314eac7
-
SHA256
9d241adc5202fb94ef9e5f4a305a75a8341dd0e491a4162502dd7884abd3c447
-
SHA512
8bc15e70cb21d2721e26efd5dc66f1981f3651140e22a0900e85b1e63244ed91ec2c8c09cde2a1ef491a205ade15f84335c0aa641b45d07a61e0f66bc61d4adc
-
SSDEEP
1536:r1BvK2hM46fGBCzSfNNI6yx8Hoh3eypmrYbwWoE:r1BvK7pmCzSlNILr7mrlE
Score
7/10
Malware Config
Signatures
-
Unexpected DNS network traffic destination 5 IoCs
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Suspicious use of SetThreadContext 1 IoCs
-
Suspicious use of WriteProcessMemory 9 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\5be423c25fa3e6a6022de20f282ff7cb_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\5be423c25fa3e6a6022de20f282ff7cb_JaffaCakes118.exe"1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\5be423c25fa3e6a6022de20f282ff7cb_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\5be423c25fa3e6a6022de20f282ff7cb_JaffaCakes118.exe"2⤵
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
36KB
-
Filesize
36KB
-
Filesize
36KB