Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240226-en locale:en-us os:windows10-2004-x64 system
  • submitted
    05/04/2024, 05:43

General

  • Target

    cc67db48ef04d21cc872fda4f3236421_JaffaCakes118.exe

  • Size

    130KB

  • MD5

    cc67db48ef04d21cc872fda4f3236421

  • SHA1

    fae31f59a7475b72600f89567ed5b97db3d687e1

  • SHA256

    5ad41204526d4796924da993b7615bbe17fc38e0263493e212b03b28eedb10b6

  • SHA512

    526a32568e8d9d0e7176d4487f1f3213d4f1f539de4e3d3e205ccdc7e7e605b5b4c31f69f943e33428f2f2b17ec8ed8d767ba7986464d10b1a95e681a76c37b7

  • SSDEEP

    1536:Y/+J/2d2Bv/JDFYxG0//xLHIgdrXHfmmQVZfLrmtfwGpi+x8k0Ysu06ouqA4w8oI:Y/I2cKfZvFXHfmlDsco+Wf+J8xbvxTol

Score
6/10

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
  • Uses Tor communications 1 TTPs

    Malware can proxy its traffic through Tor for more anonymity.

Processes

  • C:\Users\Admin\AppData\Local\Temp\cc67db48ef04d21cc872fda4f3236421_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\cc67db48ef04d21cc872fda4f3236421_JaffaCakes118.exe"
    • Adds Run key to start application
    PID:820

Network

MITRE ATT&CK Enterprise v15
