Analysis

  • max time kernel
    95s
  • max time network
    121s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    25/09/2024, 20:53

General

  • Target

    f6d6c4907dc02837681cc2a88b13fc4a_JaffaCakes118.exe

  • Size

    651KB

  • MD5

    f6d6c4907dc02837681cc2a88b13fc4a

  • SHA1

    3bbf52d6137b29d6e08039b395e59ce47ba1682a

  • SHA256

    d00ce2010dd80412bbf53bf211dba8bea71d7b900125ad7553024d8b3364e69d

  • SHA512

    bb5a53394e273aa7971efb4afe48c33d3bc1b09fef411f18b74322948791f90bb6555d71bb6416ed98b78d5f89d320f88b8eb7f4e71a1b058ee12ed352580172

  • SSDEEP

    12288:jMguqPwVws4FIpMQ70cC62QOZFgQURMkX63+SH7XtEPQ8xdzq8TFlltn:jMgqwC60O3gdZX6NH7XtQQ8xdzq8TFfx

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\f6d6c4907dc02837681cc2a88b13fc4a_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\f6d6c4907dc02837681cc2a88b13fc4a_JaffaCakes118.exe"
    • System Location Discovery: System Language Discovery
    PID:4560

Network

MITRE ATT&CK Enterprise v15
