Analysis
- max time kernel: 96s
- max time network: 130s
- platform: windows10-2004_x64
- resource: win10v2004-20240802-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 17/08/2024, 06:17
Static task: static1
Behavioral task: behavioral1
- Sample: a17c8e5b76e710dd827c70f50c6a8ab3_JaffaCakes118.exe
- Resource: win7-20240704-en
Behavioral task: behavioral2
- Sample: a17c8e5b76e710dd827c70f50c6a8ab3_JaffaCakes118.exe
- Resource: win10v2004-20240802-en
General
- Target: a17c8e5b76e710dd827c70f50c6a8ab3_JaffaCakes118.exe
- Size: 618KB
- MD5: a17c8e5b76e710dd827c70f50c6a8ab3
- SHA1: ea19732e9ec94bdcb1c273023ec43d5e712072b6
- SHA256: 950210766d2a1bd149b6f0814f32850c324e365f34b7a2ec56bf86b0253217ea
- SHA512: b03c1f3d8f0fd92eb2f3735001238219a6f75f8aed27e5c1f303533b6d15294d4ec7a018b1774e6f89c0ace478f87c7348555a58e3f6ed1947785e6fdf4617b8
- SSDEEP: 12288:5sRG6yPU/CqW09U8O7JY+QyL6CgCk59WmdBC28f6+rpqQ:5s46y8/CqW09U8AJY+Z6CgCk5gEBC28t
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened
  ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
  Process: a17c8e5b76e710dd827c70f50c6a8ab3_JaffaCakes118.exe
- Suspicious behavior: EnumeratesProcesses (2 IoCs)
  pid: 3492, Process: a17c8e5b76e710dd827c70f50c6a8ab3_JaffaCakes118.exe
  pid: 3492, Process: a17c8e5b76e710dd827c70f50c6a8ab3_JaffaCakes118.exe
- Suspicious use of SetWindowsHookEx (2 IoCs)
  pid: 3492, Process: a17c8e5b76e710dd827c70f50c6a8ab3_JaffaCakes118.exe
  pid: 3492, Process: a17c8e5b76e710dd827c70f50c6a8ab3_JaffaCakes118.exe
Processes
C:\Users\Admin\AppData\Local\Temp\a17c8e5b76e710dd827c70f50c6a8ab3_JaffaCakes118.exe
Command line: "C:\Users\Admin\AppData\Local\Temp\a17c8e5b76e710dd827c70f50c6a8ab3_JaffaCakes118.exe"
PID: 3492
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 41KB
- MD5: e66c400ad7066483f1e5cb1a44e2dec9
- SHA1: cbba62c064a5625e37f7e253083c691673a0684e
- SHA256: 0eb850eeed2f855826278ca798ce425c3fe11189b4cfb5a7834b296d0a2ed68b
- SHA512: 7c16ccc57bc3e129bd27be05958120aba72fa2dbef79bac9f009f4cc75d9ad051c66968fc25d9872387a5b18464d0f7cad9a6c2e90ff0b291e11afb366c9afbb