Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

ebf41f4b5e...18.exe

windows7-x64

7

ebf41f4b5e...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    142s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/04/2024, 20:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ebf41f4b5e770958b1dd11e2fb9c29f0_JaffaCakes118.exe

  • Size

    18.3MB

  • MD5

    ebf41f4b5e770958b1dd11e2fb9c29f0

  • SHA1

    0607bbea949889444d54a637acaa04a7c1a8c3ea

  • SHA256

    c4fe7e42dc1ea441e5e53c0d717d64ca24292b84278bcca899aec0fb477b0c7b

  • SHA512

    4d79ae7e52303a4ab9dd79459ae26554c77953c68fc1eaab50c54a5ce9f9f3153fa76320c3f1db7b6887150db9acc404039438d5bfcb765f0c15f07da1615f5b

  • SSDEEP

    98304:EcKHfr5zfMfb5zfMXfr5zfMfb5zrMXfr5zfMmr5zv:Ev

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ebf41f4b5e770958b1dd11e2fb9c29f0_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\ebf41f4b5e770958b1dd11e2fb9c29f0_JaffaCakes118.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1896
    • C:\Users\Admin\AppData\Local\Temp\ffad.exe
      C:\Users\Admin\AppData\Local\Temp\ffad.exe -run C:\Users\Admin\AppData\Local\Temp\ebf41f4b5e770958b1dd11e2fb9c29f0_JaffaCakes118.exe
      2⤵
      • Executes dropped EXE
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      PID:1508

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\ffad.exe
    Filesize

    22.1MB

    MD5

    fb2fc52de71f832c46b71cb58b7f19f8

    SHA1

    3793de041168033897c83d5c758d5e3053909418

    SHA256

    8b7abfda15c09a98ae743781c0f4065851f89d41aacca3537077cd32b7f1f725

    SHA512

    e0ff1c6aa0dfb168f62cc26cc8f9c99beeff439989e1b2e15429d9f8d14184762cd8746f4d87a5fffc5db165027c6c6bb0850ba0ad19e7a93866cb2846d33f7d

    Download Submit

  • memory/1508-91-0x0000000000400000-0x0000000000536000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/1508-68-0x0000000002080000-0x00000000020D0000-memory.dmp

    Filesize

    320KB

    Download

  • memory/1508-67-0x0000000002D20000-0x0000000002E20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1508-66-0x0000000002D20000-0x0000000002E20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1508-64-0x0000000002D20000-0x0000000002E20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1508-65-0x0000000002D20000-0x0000000002E20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1508-61-0x0000000002D20000-0x0000000002E20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1508-63-0x0000000002D20000-0x0000000002E20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1508-62-0x0000000002D20000-0x0000000002E20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1508-60-0x0000000002D20000-0x0000000002E20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1508-57-0x0000000002D20000-0x0000000002E20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1508-59-0x0000000002D20000-0x0000000002E20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1508-58-0x0000000002D20000-0x0000000002E20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1508-55-0x0000000002D20000-0x0000000002E20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1508-56-0x0000000002D20000-0x0000000002E20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1508-54-0x0000000002D20000-0x0000000002E20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1508-53-0x0000000002D20000-0x0000000002E20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1508-52-0x0000000002D20000-0x0000000002E20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1508-51-0x0000000002D20000-0x0000000002E20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1508-50-0x0000000002D20000-0x0000000002E20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1508-49-0x0000000002D20000-0x0000000002E20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1508-48-0x0000000002D20000-0x0000000002E20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1508-46-0x0000000002C50000-0x0000000002C56000-memory.dmp

    Filesize

    24KB

    Download

  • memory/1508-47-0x0000000002D20000-0x0000000002E20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1508-45-0x0000000002C70000-0x0000000002C71000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1508-44-0x0000000002E20000-0x0000000002F20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1896-14-0x00000000024D0000-0x00000000024D1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1896-28-0x0000000002D50000-0x0000000002D56000-memory.dmp

    Filesize

    24KB

    Download

  • memory/1896-31-0x0000000002E20000-0x0000000002F20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1896-30-0x0000000002E20000-0x0000000002F20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1896-32-0x0000000002E20000-0x0000000002F20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1896-34-0x0000000002E20000-0x0000000002F20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1896-33-0x0000000002E20000-0x0000000002F20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1896-7-0x0000000000730000-0x0000000000731000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1896-40-0x0000000000400000-0x0000000000536000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/1896-41-0x0000000002E20000-0x0000000002F20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1896-42-0x0000000002340000-0x0000000002390000-memory.dmp

    Filesize

    320KB

    Download

  • memory/1896-43-0x0000000002E20000-0x0000000002F20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1896-8-0x0000000000780000-0x0000000000781000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1896-39-0x0000000002E20000-0x0000000002F20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1896-35-0x0000000002E20000-0x0000000002F20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1896-29-0x0000000002E20000-0x0000000002F20000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1896-12-0x0000000002520000-0x0000000002521000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1896-13-0x00000000024E0000-0x00000000024E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1896-26-0x00000000025A0000-0x00000000025A1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1896-6-0x0000000000700000-0x0000000000701000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1896-27-0x00000000025C0000-0x00000000025C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1896-25-0x0000000002570000-0x0000000002571000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1896-24-0x00000000025B0000-0x00000000025B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1896-22-0x0000000002580000-0x0000000002581000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1896-0-0x0000000000400000-0x0000000000536000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/1896-21-0x0000000002590000-0x0000000002591000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1896-19-0x0000000002540000-0x0000000002541000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1896-20-0x00000000025E0000-0x00000000025E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1896-18-0x0000000002530000-0x0000000002531000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1896-15-0x0000000002500000-0x0000000002501000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1896-16-0x00000000024C0000-0x00000000024C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1896-17-0x00000000024F0000-0x00000000024F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1896-9-0x0000000002D70000-0x0000000002D71000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1896-10-0x0000000000750000-0x0000000000751000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1896-11-0x0000000002D60000-0x0000000002D62000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1896-5-0x0000000000740000-0x0000000000741000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1896-4-0x0000000000710000-0x0000000000711000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1896-3-0x0000000000720000-0x0000000000721000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1896-2-0x0000000000760000-0x0000000000761000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1896-1-0x0000000002340000-0x0000000002390000-memory.dmp

    Filesize

    320KB

    Download