Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

ffd6cc98e5...18.exe

windows7-x64

7

ffd6cc98e5...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21/04/2024, 17:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ffd6cc98e5c1be1070c8b86c7f8f7dd2_JaffaCakes118.exe

  • Size

    38KB

  • MD5

    ffd6cc98e5c1be1070c8b86c7f8f7dd2

  • SHA1

    e3cae1823e73c11d095559dbdd9e7bd781cbd624

  • SHA256

    f256bff52658c48c8b89932646db57613992a9063e310b0618d38434776abf87

  • SHA512

    bd3cabe4afaba0b8f8c8fac01ce079b60795321cbfa786421f52a8096b48a83f494a70fda45f9292623826702bd939ea69a8a9c6dd6e53e990468a274e07218b

  • SSDEEP

    768:kndrUPgJ2Abt88F2ojvvkhbnLztzBrl9zpGzjeiKtnIm/k47nWhsHPvDJ:ydrUocAbt5FvUD/Xrn9GzXKVImtyi3F

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ffd6cc98e5c1be1070c8b86c7f8f7dd2_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\ffd6cc98e5c1be1070c8b86c7f8f7dd2_JaffaCakes118.exe"
    1⤵
      PID:1752
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1752 -s 228
        2⤵
        • Program crash
        PID:3556
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 412 -p 1752 -ip 1752
      1⤵
        PID:4328

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/1752-0-0x0000000000400000-0x0000000000423054-memory.dmp

        Filesize

        140KB

        Download

      • memory/1752-1-0x00000000001C0000-0x00000000001C1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1752-2-0x0000000000400000-0x0000000000423054-memory.dmp

        Filesize

        140KB

        Download