Analysis
max time kernel: 121s
max time network: 125s
platform: windows7_x64
resource: win7-20240705-en
resource tags: arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
submitted: 19/08/2024, 01:40
Static task: static1
Behavioral task: behavioral1
  Sample: a9127d4d6ed9be45056d5f0cce7f15df_JaffaCakes118.exe
  Resource: win7-20240705-en
Behavioral task: behavioral2
  Sample: a9127d4d6ed9be45056d5f0cce7f15df_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: a9127d4d6ed9be45056d5f0cce7f15df_JaffaCakes118.exe
Size: 743KB
MD5: a9127d4d6ed9be45056d5f0cce7f15df
SHA1: 7034d17defbeddcad1f24a658e53b32fa7aaf56b
SHA256: a1f8e72028194959b047d0a7ee08185f32141fd2ee59721253350128372c3b5d
SHA512: 84f302c62cf2fb083730d591548e8edcb64f5541c3364bf5bb9d40ccb5a7df5e7b2fbaede8b8bab08564c929bcf97ae71155a0b93a2b33b9053c77a1a24af11e
SSDEEP: 12288:GRyTY+2U4uan/8RdW5A0zyxuJwQ5oAlK+Gx/vZuIkAbQQ52LYRg08y5rDRy:y6iU4ucwdW5A2RJr/k3/vcIkA33P
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened
  ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
  Process: a9127d4d6ed9be45056d5f0cce7f15df_JaffaCakes118.exe
Suspicious use of AdjustPrivilegeToken (1 IoCs)
  description: Token: SeDebugPrivilege
  pid: 2372
  Process: a9127d4d6ed9be45056d5f0cce7f15df_JaffaCakes118.exe