Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13/10/2024, 14:33

General

  • Target

    4062e0535b873cd99f1dddd66611f10f_JaffaCakes118.exe

  • Size

    735KB

  • MD5

    4062e0535b873cd99f1dddd66611f10f

  • SHA1

    330bafd1cafe442f5faacda97117d5bddf9b0938

  • SHA256

    5229e367155c2bd5451802d3b40ce0dbfe3e0ff55702f8c6fe63bea3932f4783

  • SHA512

    89e8337f6e6b799961a5d54fcbb600caea89ec98835c1cdfc6e22d4a51be1db0af908871dd59bafdbb189789bf60ef0d235747b8d64e943c115eaf6b8d1c0343

  • SSDEEP

    12288:5c+RtFpkuSau+YDtuYIsPmL/4kb4h6DWmQBDu7BItWdqgLpDpVPJqmUOPFOxV:FTIUu+YDgrsPmL/4bh6DWmQdGBItWnJq

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\4062e0535b873cd99f1dddd66611f10f_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\4062e0535b873cd99f1dddd66611f10f_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:2708

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2708-0-0x0000000000220000-0x0000000000221000-memory.dmp

    Filesize

    4KB

  • memory/2708-1-0x0000000000400000-0x00000000004B8000-memory.dmp

    Filesize

    736KB