Analysis
max time kernel: 120s
max time network: 122s
platform: windows7_x64
resource: win7-20240708-en
resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
submitted: 13/09/2024, 22:08 UTC
Static task: static1

Behavioral task: behavioral1
Sample: defcaa1dfd5441dc448b581613771cc7_JaffaCakes118.exe
Resource: win7-20240708-en

Behavioral task: behavioral2
Sample: defcaa1dfd5441dc448b581613771cc7_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: defcaa1dfd5441dc448b581613771cc7_JaffaCakes118.exe
Size: 201KB
MD5: defcaa1dfd5441dc448b581613771cc7
SHA1: 33667a970657815bbb8074badf4f9f937dd13edf
SHA256: 1579ff6c882e5fa7b1e1acdab182737af2eb4b6c07c6cdced6ca10d8f1acddad
SHA512: 8d13ba74064324b60cd83a546b02b6a59717f8a5cb3fec414ded7334311ac4a6a09656b918260ed5fec127d5ed05e8fe2b155a257535773f39e5c30cb1f06f92
SSDEEP: 3072:YQ92Yn+C8CxmBnIJoJ8xcB9yekH4ibNHJYzzFfx4Ie8f9Hhp5t93PEQGqFOGiHW:YdysTJ/jyBPaL4Ie8flft3OGi2
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: defcaa1dfd5441dc448b581613771cc7_JaffaCakes118.exe

Suspicious use of FindShellTrayWindow (1 IoCs)
pid: 2360
Process: defcaa1dfd5441dc448b581613771cc7_JaffaCakes118.exe