Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
137s -
max time network
146s -
platform
windows10-2004_x64 -
resource
win10v2004-20240709-en -
resource tags
arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system -
submitted
26/07/2024, 15:55
Static task
static1
Behavioral task
behavioral1
Sample
74b74ce933bf8f9b0f289d968bf73d1d_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
74b74ce933bf8f9b0f289d968bf73d1d_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
74b74ce933bf8f9b0f289d968bf73d1d_JaffaCakes118.exe
-
Size
88KB
-
MD5
74b74ce933bf8f9b0f289d968bf73d1d
-
SHA1
86a6c0c88ccef97f40eb9bb5331540b1abc726dc
-
SHA256
feb3adc6a24a939b806590b6b78051fd16e949702fe6af38d8efe3640d03f14f
-
SHA512
0db6672ad85fcced241909a4705e1588ecd543bbd8d4262d70e486a6ac21908186978f7c4f86a8a1d397af2b96aa77cea234dba007bf50bc87c32deb80b3ea30
-
SSDEEP
1536:tZuiPjRh2BsVKr25LTtjnSwqNd9SZel4Tcdi4knvzyTKbWnGA:tZ/rRh0sVrLTxSwqkuwHvQKinL
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 74b74ce933bf8f9b0f289d968bf73d1d_JaffaCakes118.exe -
Suspicious use of SetWindowsHookEx 2 IoCs
pid Process 8 74b74ce933bf8f9b0f289d968bf73d1d_JaffaCakes118.exe 8 74b74ce933bf8f9b0f289d968bf73d1d_JaffaCakes118.exe