Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
148s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
-
submitted
13/10/2024, 02:20
General
-
Target
3d41ca33b978db34060df235b37c12f0_JaffaCakes118.exe
-
Size
312KB
-
MD5
3d41ca33b978db34060df235b37c12f0
-
SHA1
a23c6b55c5b5fdc3a59b679063f87a5cc2685dde
-
SHA256
da6620a76c0a19d010a4397186ef8e6e123e91e453009d27758eca9e90ae0dd3
-
SHA512
17d0ba5e4378137d5db32ecfc739a9f93eed466df35f2048171dcc220d2a104388d264e498f9d828832db620533a6e675c2fa77752bdc9f8fb58e727e3c67e06
-
SSDEEP
6144:ZObc0f7XP+g3AGJpWVzu5RHeEgRK/fObT/bGiJKv6R7MkZ4lUr8W9HuOGKhvsMMJ:4w27/XvLWpuDeEgRK/fObT/bGiJlMkZO
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\3d41ca33b978db34060df235b37c12f0_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\3d41ca33b978db34060df235b37c12f0_JaffaCakes118.exe"1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2840 -s 4682⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 412 -p 2840 -ip 28401⤵