Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

ec45673b45...18.exe

windows7-x64

7

ec45673b45...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240319-en
  • resource tags

    arch:x64arch:x86image:win7-20240319-enlocale:en-usos:windows7-x64system
  • submitted
    11/04/2024, 00:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ec45673b4568f927134678187fc83b0c_JaffaCakes118.exe

  • Size

    22KB

  • MD5

    ec45673b4568f927134678187fc83b0c

  • SHA1

    851052080624c41f5b18145f711a7885ee53f838

  • SHA256

    03fdc2107556751b3cf44c2f8f29a123f075d46340313cf075ec53f3d8bc1fb1

  • SHA512

    3c0fb1b33f5dfb5a106e6839300100560a61b9793b45376a6e137ebb8ac8e6d340ecb2e27e433847edf100a1b2a4517a550efe3be64363aa604070812d949c68

  • SSDEEP

    384:MAwW9E7VnZc0wj610iCMOWOn/Ze7O9WlJsEwygJUjJmSF1QCElzPO+cBcU/:8Wi5nZGMcDfn/YbLQAE8+c

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • Loads dropped DLL 1 IoCs
  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in System32 directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ec45673b4568f927134678187fc83b0c_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\ec45673b4568f927134678187fc83b0c_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in System32 directory
    • Suspicious use of SetWindowsHookEx
    PID:1736

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Windows\SysWOW64\ec45673b4568f927134678187fc83b0c_JaffaCakes118hj.dll
    Filesize

    19KB

    MD5

    05a551774d34b16c2562b9bb1a3f3064

    SHA1

    acb1cb1130183e3bdab28ad2717228881ca93924

    SHA256

    35ecb04de6d61917f1c2c4e333f47ca23e2c5b7bb22ba525d230ebc7d136d869

    SHA512

    f9599fed5e176f44ccfdb7a7556cfe0787a9caaf4d691fe8b1a5a582a1de4a4313ec59c4c0bb0da4ab7cf27c783a8906eb75a6476fb87d5bd812b5456ca054ad

    Download Submit

  • memory/1736-0-0x0000000000400000-0x000000000041A000-memory.dmp

    Filesize

    104KB

    Download

  • memory/1736-6-0x00000000003C0000-0x00000000003D2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/1736-7-0x00000000003C0000-0x00000000003D2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/1736-9-0x0000000000400000-0x000000000041A000-memory.dmp

    Filesize

    104KB

    Download