Analysis

  • max time kernel
    93s
  • max time network
    95s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
  • submitted
    12/10/2024, 00:39

General

  • Target

    379cf18bcbb019e1d5f673243465f07e_JaffaCakes118.exe

  • Size

    231KB

  • MD5

    379cf18bcbb019e1d5f673243465f07e

  • SHA1

    6dee8b38e02f6eb3a072611b88bd0648dec09751

  • SHA256

    b565da5c26aeae0b8a7c4e028d8684582d8939221260e82337f392a713f515b6

  • SHA512

    8c751c49d096657a6a94aaa1284b1b6d67bbfa872dcdf02d8d7d89f97db40022191e47e74b8d1b84c273a3003cbe601778631a596e6acd17797cba440ffcec39

  • SSDEEP

    3072:KHiV059RotRYVo2FaXZ8Lj2yyyyy2lLtdF2UjLHO2bry72:Kr57otRgo2uyuyyyyy2lLtdF2Uvfbc2

Score
5/10

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\379cf18bcbb019e1d5f673243465f07e_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\379cf18bcbb019e1d5f673243465f07e_JaffaCakes118.exe"
    • System Location Discovery: System Language Discovery
    PID:4024

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/4024-0-0x0000000000400000-0x000000000047F000-memory.dmp

    Filesize

    508KB

  • memory/4024-1-0x0000000010000000-0x000000001000E000-memory.dmp

    Filesize

    56KB

  • memory/4024-5-0x0000000000400000-0x000000000047F000-memory.dmp

    Filesize

    508KB