Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    18/01/2025, 11:43

General

  • Target

    JaffaCakes118_a8e2cf6a25721f952dda89462fc24f48.exe

  • Size

    168KB

  • MD5

    a8e2cf6a25721f952dda89462fc24f48

  • SHA1

    abb2516094632adec98866e4c747f2e98bd1cd62

  • SHA256

    7647144af87d28b5485c4088a4810eaccdf7863f4aac2a5d25af432fde9514c7

  • SHA512

    9ef15dc5aecb57cc00e1a2d394053ffdb5b25decfe82b9b54e36b551ccb6f4660ed0e03d25576e33f3f0a3f9e81361243b876f1b9fba5f233f69e1684419af53

  • SSDEEP

    3072:BZ5QcpRU9FqIbP9vb15OL4AuvTY5pbmMxnsMZ3ysHZIhAu9/gmYb2afbGwlDl:BZ5QsU9Fd775oGM1Z3pHdk/gmYb2DwlJ

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_a8e2cf6a25721f952dda89462fc24f48.exe
    "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_a8e2cf6a25721f952dda89462fc24f48.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:4940
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 4940 -s 440
      2⤵
      • Program crash
      PID:760
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 360 -p 4940 -ip 4940
    1⤵
      PID:3656

Network

MITRE ATT&CK Enterprise v15