Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
148s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240709-en -
resource tags
-
submitted
26/07/2024, 09:07
General
-
Target
7369e3534012d8db4a8939ffe9aff486_JaffaCakes118.exe
-
Size
96KB
-
MD5
7369e3534012d8db4a8939ffe9aff486
-
SHA1
14f7515d02cdd6fd298f5b0369be599ce93f214d
-
SHA256
04f3dcbd6bf35ca40d0daccc979c33251d382e45d59ef65eebc8b89780b44274
-
SHA512
255cbbb0f8a1c067aca2357ae0abff63409add0297290579d3f35bfff6133ccc9b7562e91bc62b0bf6cf7c4156c6ef78d70cc325e45174d18f3fd2a98f7efdf4
-
SSDEEP
3072:9ZTEksu/Dw6uZvXT/hQv8pA71qiSkD3Y/uOrM9:9ZTE3ojuUvM7
Score
5/10
Malware Config
Signatures
-
Drops file in System32 directory 1 IoCs
-
Drops file in Windows directory 2 IoCs
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\7369e3534012d8db4a8939ffe9aff486_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\7369e3534012d8db4a8939ffe9aff486_JaffaCakes118.exe"1⤵
- Drops file in System32 directory
- Drops file in Windows directory
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4888 -s 4442⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 184 -p 4888 -ip 48881⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
120KB