Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

d127caf195...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    07/09/2024, 05:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d127caf1959b72447aab5855ea4978c6_JaffaCakes118

  • Size

    106KB

  • MD5

    d127caf1959b72447aab5855ea4978c6

  • SHA1

    8856631a71646eb567338f82cca4f26a7b33a7e8

  • SHA256

    ddb9f87d7dde35f64b36a065738d807a5dcb90fec4cce5e58d707fa00ad5be52

  • SHA512

    5bd59dec6763d16a539886ffbc707bcbec00636053151a3aac7ee94ebebf8d12fc6a91afbd4d2ece8dfdee974a2ffc5d1cde0e8b679f15b0cac5ccdeb6d44c1b

  • SSDEEP

    3072:ccnzWqtdwHsxiKw/SE0Oe+MphaNJQUDtjoKty8wdOM:PIH9Kw/J/MphaNJQUDtjoKty8wdOM

Score
7/10
discovery

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

    discovery
  • Changes its process name 1 IoCs
  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

    discovery

Processes

  • /tmp/d127caf1959b72447aab5855ea4978c6_JaffaCakes118
    /tmp/d127caf1959b72447aab5855ea4978c6_JaffaCakes118
    1⤵
    • Deletes itself
    • Reads system routing table
    • Changes its process name
    • Reads system network configuration
    PID:2475

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads