Analysis
- max time kernel: 116s
- max time network: 140s
- platform: windows10-2004_x64
- resource: win10v2004-20240709-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 22/07/2024, 07:30
Static task
- static1
  signatures: 1
Behavioral task
- behavioral1
  Sample: 624c761804260e357a607ddfc88095c5_JaffaCakes118.dll
  Resource: win7-20240704-en
  signatures: 1
  150 seconds
Behavioral task
- behavioral2
  Sample: 624c761804260e357a607ddfc88095c5_JaffaCakes118.dll
  Resource: win10v2004-20240709-en
  signatures: 1
  150 seconds
General
- Target: 624c761804260e357a607ddfc88095c5_JaffaCakes118.dll
- Size: 32KB
- MD5: 624c761804260e357a607ddfc88095c5
- SHA1: b5010af0a84e1ebe166feca82a7ab112348f6fe6
- SHA256: 777ee5cb3d4250ecf9cb45c640730d52bc586a27566841af301451e1b5dcc706
- SHA512: e7692f16d120aa7a5b7b3962c707ee846e321ba99eb8083e98424599289532c3c62482949f04254269c4e4bff898bca295d3686c31cd480876daa07f31a161ea
- SSDEEP: 768:PkkxDynEfVtVI71szJ776wTPbwzhqDBNRRhXmL:PxDy661sR76wDskTRfXG
Score
1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)
  description | pid | Process | procid_target
  PID 2304 wrote to memory of 448 | 2304 | rundll32.exe | 84
  PID 2304 wrote to memory of 448 | 2304 | rundll32.exe | 84
  PID 2304 wrote to memory of 448 | 2304 | rundll32.exe | 84
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\624c761804260e357a607ddfc88095c5_JaffaCakes118.dll,#1
  PID: 2304
  Suspicious use of WriteProcessMemory
  - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\624c761804260e357a607ddfc88095c5_JaffaCakes118.dll,#1
    PID: 448