Analysis
- max time kernel: 16s
- max time network: 16s
- platform: windows7_x64
- resource: win7-20240729-en
- resource tags: arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
- submitted: 27/07/2024, 13:27
Static task: static1
Behavioral task: behavioral1
- Sample: 7852c58281d290f25563dae26c0ca914_JaffaCakes118.exe
- Resource: win7-20240729-en
Behavioral task: behavioral2
- Sample: 7852c58281d290f25563dae26c0ca914_JaffaCakes118.exe
- Resource: win10v2004-20240709-en
General
- Target: 7852c58281d290f25563dae26c0ca914_JaffaCakes118.exe
- Size: 68KB
- MD5: 7852c58281d290f25563dae26c0ca914
- SHA1: 4a7d45441b7f4cd5f98e6d3ca5b25befdb084263
- SHA256: 30f9399752254e1626acf6713ff363046712917399fd776e970a2f01c50f9c61
- SHA512: 1bee731009cdd15f0aad8ba50d78c8aa70a65cb87e817f966b66990d894e55ba9cd68e9dd9a441528b821cf9a90c81e418bf31f383a82799d26148e8db7c8867
- SSDEEP: 768:bQIHRuAef0k8iCqabwq/iU34MJjHbmD5jycBw/7MOQTXA7zwQOb+Jv75:bDuG8abwq/iU3va5mAo781+JV
Malware Config
Signatures
- Suspicious behavior: LoadsDriver (1 IoCs)
  pid 480, process: Process not Found
- Suspicious behavior: RenamesItself (1 IoCs)
  pid 2068, process: 7852c58281d290f25563dae26c0ca914_JaffaCakes118.exe
- Suspicious use of AdjustPrivilegeToken (3 IoCs)
  Token: SeLoadDriverPrivilege, pid 2068, process: 7852c58281d290f25563dae26c0ca914_JaffaCakes118.exe
  Token: SeDebugPrivilege, pid 2068, process: 7852c58281d290f25563dae26c0ca914_JaffaCakes118.exe
  Token: SeTakeOwnershipPrivilege, pid 2068, process: 7852c58281d290f25563dae26c0ca914_JaffaCakes118.exe