Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

ffd6cc98e5...18.exe

windows7-x64

7

ffd6cc98e5...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    21/04/2024, 17:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ffd6cc98e5c1be1070c8b86c7f8f7dd2_JaffaCakes118.exe

  • Size

    38KB

  • MD5

    ffd6cc98e5c1be1070c8b86c7f8f7dd2

  • SHA1

    e3cae1823e73c11d095559dbdd9e7bd781cbd624

  • SHA256

    f256bff52658c48c8b89932646db57613992a9063e310b0618d38434776abf87

  • SHA512

    bd3cabe4afaba0b8f8c8fac01ce079b60795321cbfa786421f52a8096b48a83f494a70fda45f9292623826702bd939ea69a8a9c6dd6e53e990468a274e07218b

  • SSDEEP

    768:kndrUPgJ2Abt88F2ojvvkhbnLztzBrl9zpGzjeiKtnIm/k47nWhsHPvDJ:ydrUocAbt5FvUD/Xrn9GzXKVImtyi3F

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ffd6cc98e5c1be1070c8b86c7f8f7dd2_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\ffd6cc98e5c1be1070c8b86c7f8f7dd2_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    PID:2308

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Program Files\Common Files\Microsoft Shared\MSInfo\atmQQ2.dll
    Filesize

    54KB

    MD5

    8ad926f5f0aa3e1fcd9e2bff54379181

    SHA1

    4edb233575d2705f3c36380714a46584244185cb

    SHA256

    f0dc86d122921be37dee9cc0acf609963e3b25061fb71042243eb876d445659e

    SHA512

    8402e77578dd720041292fae258d289b005197ebb7446b3bdc565ef7698cfb7ec3f65fa9540ef4d6bc085bd56cd9eefa01ce129b9c4640b922248c4cc962f252

    Download Submit

  • memory/2308-1-0x0000000000400000-0x0000000000423054-memory.dmp

    Filesize

    140KB

    Download

  • memory/2308-2-0x0000000000020000-0x0000000000021000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2308-0-0x0000000000400000-0x0000000000423054-memory.dmp

    Filesize

    140KB

    Download

  • memory/2308-3-0x0000000000400000-0x0000000000423054-memory.dmp

    Filesize

    140KB

    Download

  • memory/2308-4-0x0000000000400000-0x0000000000423054-memory.dmp

    Filesize

    140KB

    Download

  • memory/2308-8-0x0000000000400000-0x0000000000423054-memory.dmp

    Filesize

    140KB

    Download