Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240705-en -
resource tags
arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system -
submitted
19/08/2024, 09:26
Static task
static1
Behavioral task
behavioral1
Sample
aa75de4c806cb0923a6d31e98a571e23_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
aa75de4c806cb0923a6d31e98a571e23_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
aa75de4c806cb0923a6d31e98a571e23_JaffaCakes118.exe
-
Size
132KB
-
MD5
aa75de4c806cb0923a6d31e98a571e23
-
SHA1
acf27e97c9e0de5868cd0f522797262af130c23a
-
SHA256
fe900bc29d343319ff3eb382a2115be5a060154cd958ea5743e5a12d8b7663cc
-
SHA512
99e60371cc7f34bfcd2ca77fde98a3cdea8121e6232ef30a420605c7683d46dadcc5d793be8c376c857721560695462044e6378b442f584489b7171ef37135f3
-
SSDEEP
3072:TuT/kV60ufUw0sWMWI6s8z2yI2SNlO3gKTn2pkQ8p/w9:N5RzIvO37iqQ8p/E
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language aa75de4c806cb0923a6d31e98a571e23_JaffaCakes118.exe -
Suspicious use of SetWindowsHookEx 1 IoCs
pid Process 984 aa75de4c806cb0923a6d31e98a571e23_JaffaCakes118.exe