Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

08456d53df...18.exe

windows7-x64

7

Resubmissions

10/04/2024, 05:34

240410-f9shssha71 6

10/04/2024, 05:34

240410-f9rw9sdh27 6

10/04/2024, 05:34

240410-f9raqsha7w 6

10/04/2024, 05:34

240410-f9qzzadh24 6

01/04/2024, 07:59

240401-jvlcqaha5w 7

01/04/2024, 07:58

240401-jt2y3sha3y 6

01/04/2024, 07:57

240401-jthkfaha2v 6

01/04/2024, 07:53

240401-jrfytsgh6w 6

01/04/2024, 07:26

240401-h9vdhagd9w 7

01/04/2024, 07:23

240401-h777ksgh22 6

Analysis

  • max time kernel
    1767s
  • max time network
    1782s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    01/04/2024, 07:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    08456d53df6abf9812cf4549b3b582ea_JaffaCakes118.exe

  • Size

    131KB

  • MD5

    08456d53df6abf9812cf4549b3b582ea

  • SHA1

    500c86eb1e89469dd226f3d664e860f7676a9225

  • SHA256

    8883cc13e0f391979e828931e59168cd8bdb1814598323622a51f85ab302f3f8

  • SHA512

    40125b077f5485be87e6cfb1339651baae342046dc34ed9a5b97541486006511c959ebe89651a0264dd761167886843c6cc597b359cb8384675696999ff3c52b

  • SSDEEP

    1536:BL+O/U7OBmKGS6CBK0t/ZCXPGuxgDM5YKBGNc/xf6KWcs8+SUkIcekqY1o/uImzk:BLxUyjp3xCTyDMsUWyw+Ubx7NR

Score
7/10
persistence

Malware Config

Signatures

  • Unexpected DNS network traffic destination 1 IoCs

    Network traffic to other servers than the configured DNS servers was detected on the DNS port.

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Uses Tor communications 1 TTPs

    Malware can proxy its traffic through Tor for more anonymity.

Processes

  • C:\Users\Admin\AppData\Local\Temp\08456d53df6abf9812cf4549b3b582ea_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\08456d53df6abf9812cf4549b3b582ea_JaffaCakes118.exe"
    1⤵
    • Adds Run key to start application
    PID:2176

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\cached-consensus
    Filesize

    3.0MB

    MD5

    e53ff19997287009cac1a48eb04421e2

    SHA1

    52b88b7e4ca6d018ed744969851c0611f55b6b97

    SHA256

    8f755f86039cfbf8372f48687a3573ebb0d28021d9060e84214a50643798c115

    SHA512

    5c295c6b303c247ac54e34d5c9a51415a43ff671e3521e3b8802f8f20a683a19d0e6d6a2617625481bea1a56a4b072001ea1a2540c034cfaaa3f00b8e08d9943

    Download Submit