Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
122s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
22/07/2024, 09:01
General
-
Target
629c6cd2eb44c471541e3dca274e3c8f_JaffaCakes118.exe
-
Size
24KB
-
MD5
629c6cd2eb44c471541e3dca274e3c8f
-
SHA1
81f0583318407e717436df078b01200a32020f02
-
SHA256
c5cbbccef9fe50cdf25eb5da48da9a37a00f929b5c91786ecd6da2dc805b7cbf
-
SHA512
371dbaba5224ceacc1a28ec8798458aa29d2587472ad3ecac2d475c7fa1451d9c7542bea39afc2dd37aba654525389a00dd7b2d501dd2b5905374d2c6184790c
-
SSDEEP
192:3bYWsJk+KxAGublyE7PeS1wjEQLlHGf5ahf1F69ypnAZqouJ2/5hUNhM:3OJhtGeLPn0tLl9F6sngqL2/5hCM
Malware Config
Signatures
-
Suspicious use of SetWindowsHookEx 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\629c6cd2eb44c471541e3dca274e3c8f_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\629c6cd2eb44c471541e3dca274e3c8f_JaffaCakes118.exe"1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\cmd.execmd.exe /c copy "C:\Users\Admin\AppData\Local\Temp\629c6cd2eb44c471541e3dca274e3c8f_JaffaCakes118.exe" "C:\Users\Admin\AppData\Local\Temp\file.rst"2⤵
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
24KB
MD5629c6cd2eb44c471541e3dca274e3c8f
SHA181f0583318407e717436df078b01200a32020f02
SHA256c5cbbccef9fe50cdf25eb5da48da9a37a00f929b5c91786ecd6da2dc805b7cbf
SHA512371dbaba5224ceacc1a28ec8798458aa29d2587472ad3ecac2d475c7fa1451d9c7542bea39afc2dd37aba654525389a00dd7b2d501dd2b5905374d2c6184790c