Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
12/09/2024, 05:20
General
-
Target
dbe20b0025b73769811b5416ecf7177f_JaffaCakes118.exe
-
Size
253KB
-
MD5
dbe20b0025b73769811b5416ecf7177f
-
SHA1
81d57a04d6833a9592f1966f2c6f773d2dd863e0
-
SHA256
84fe55896f3854f33b088f2351616ad92699735fa5ca2f22a58cc071e88c7c62
-
SHA512
14847f31e2464db0db14a2832898bffd5d7e6a0ab8f5061fe0433ac0234fe6924b434a3dabe0d479c5700723255bcd0f8c3bfde55f74240bda969d8250a0ae63
-
SSDEEP
6144:6jYD4PawAJ1U4CDU3nh9wv1U5K0pxSOODQZM/2zlmUJm:6Za/y4h9wt0K0THO0Z82hLY
Malware Config
Signatures
-
Modifies WinLogon 2 TTPs 8 IoCs
-
Drops file in System32 directory 4 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Modifies registry class 19 IoCs
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\dbe20b0025b73769811b5416ecf7177f_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\dbe20b0025b73769811b5416ecf7177f_JaffaCakes118.exe"1⤵
- Modifies WinLogon
- Drops file in System32 directory
- System Location Discovery: System Language Discovery
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
153KB
MD5952a21e351093d2fb38fc530fffc47a8
SHA15bcc36b2ec30bdbb865b001c7de9329fbc864f4a
SHA2568b034407fc61e5c25316c0a88cb507f89d07a0390ef22c81c7965f8b196fa4a6
SHA512230c15adac16f664646986e92d75930c60912af0b0e8110a67061053ffc47c4171701957ccafda774d6987faf32429f7192a6c4506bfe781af82750803bed5f8
-
Filesize
159KB
MD55ee9e2ac9a1ec6976432e7dd5a4f5434
SHA1692666a3dea54b2c4d84bfc887d8b45ac3bb9d8e
SHA256e877c8fae6034d36afb5d30d8ddc78ceec500a8aa1b6979cab9d8eee23a04fcc
SHA512013b6b2fd8f297d9e48239f45dabf24587a41782f0042d9167419e2dabc05cda790756665ec28a36c703278f995c4a6cb1d881c153bb4ad3b7812c85b8392adc
-
Filesize
112KB