Analysis

  • max time kernel
    140s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/10/2024, 13:48

General

  • Target

    4034267cf91ad46fda57453b3c2a176e_JaffaCakes118.exe

  • Size

    416KB

  • MD5

    4034267cf91ad46fda57453b3c2a176e

  • SHA1

    ab3f543be155a305eee9da43f3b4fae9ac71dcde

  • SHA256

    a6e19fb3e83a5f92fed5d42c449bb944a17b188211e5c2936f4f979c74775af4

  • SHA512

    c9f9313e999faa3cb33d6f57f83df67409a2667cca0bec7d3458ade22c74f0dc655f36c4fdf927cfdd6c08fe1622cd4100779b1e6f62a417a88074e2bbb11419

  • SSDEEP

    6144:/83TMt4AG6hJ78hY1qCSW4L6Edfkh7adpnDnaeYUREFQ/0JDs3LRwwXBlXCm3Yr8:/83OnVhHSNfkhGzDZEVdywSSehm6lR

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4034267cf91ad46fda57453b3c2a176e_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\4034267cf91ad46fda57453b3c2a176e_JaffaCakes118.exe"
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:2640

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/2640-21-0x0000000000400000-0x0000000000563000-memory.dmp

    Filesize

    1.4MB