Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

c130ac321d...18.exe

windows7-x64

10

c130ac321d...18.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    148s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04/04/2024, 19:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c130ac321d6f5d08fdcfea1ee0a98b87_JaffaCakes118.exe

  • Size

    582KB

  • MD5

    c130ac321d6f5d08fdcfea1ee0a98b87

  • SHA1

    f65373f4eaf8fe94a96901a85a2ce0a214747ad6

  • SHA256

    e45562980424366481dbd17982b5773aa120d0c6410a0d45ef4daa156ca7c478

  • SHA512

    4566161595cf570ba6f85386444c83d2b8c1a89ef194ba0d66b70dc9091c7c37810a4d2b7644f414171c9a9c102d972b20868935882ae654ffeaaa83f0b17c71

  • SSDEEP

    12288:Z1GO+R4yXP9NsHqJH1U3fJ9XniH+gkoMCR0QoUPHErJTZg83CJWDwEQm:Z1GO41XP9mHI+x93ienCpoDZg83D1

Score
10/10
raccoonstealer

Malware Config

Signatures

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

    stealerraccoon
  • Raccoon Stealer V1 payload 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c130ac321d6f5d08fdcfea1ee0a98b87_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\c130ac321d6f5d08fdcfea1ee0a98b87_JaffaCakes118.exe"
    1⤵
      PID:4928

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4928-1-0x0000000000A40000-0x0000000000B40000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/4928-2-0x0000000000980000-0x0000000000A0E000-memory.dmp

      Filesize

      568KB

      Download

    • memory/4928-3-0x0000000000400000-0x00000000007C3000-memory.dmp

      Filesize

      3.8MB

      Download

    • memory/4928-4-0x0000000000400000-0x00000000007C3000-memory.dmp

      Filesize

      3.8MB

      Download

    • memory/4928-6-0x0000000000A40000-0x0000000000B40000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/4928-7-0x0000000000980000-0x0000000000A0E000-memory.dmp

      Filesize

      568KB

      Download

    • memory/4928-10-0x0000000000400000-0x00000000007C3000-memory.dmp

      Filesize

      3.8MB

      Download