Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    144s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    29/04/2024, 14:33

General

  • Target

    07e2b3e0e492326b3a0558f60da9b015_JaffaCakes118.doc

  • Size

    15KB

  • MD5

    07e2b3e0e492326b3a0558f60da9b015

  • SHA1

    47304c99dc78fc847bebe17409fa3cd4549e4152

  • SHA256

    acff9d7de4ecea43b810a8c80c59e04a921d95a3394c0655bc400b812fc672df

  • SHA512

    499ce0838c2c6da9055e21bdd6c480e4f8bce276550c2327fc1fc562814fcfe6865a6c168578ce25fa9c5ca345ec439e36efff3672901590a773e2d13f7f0794

  • SSDEEP

    192:npVthmqEB0/oE8w0+pyRdjiHFd8sgWrbf7OEJMXvCI8ELalx/:n/tQ+E+p6lisFWr/OEJMqIex/

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 9 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 20 IoCs

Processes

  • C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\07e2b3e0e492326b3a0558f60da9b015_JaffaCakes118.doc"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:2184

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2184-0-0x000000002F261000-0x000000002F262000-memory.dmp

    Filesize

    4KB

  • memory/2184-1-0x000000005FFF0000-0x0000000060000000-memory.dmp

    Filesize

    64KB

  • memory/2184-2-0x00000000719DD000-0x00000000719E8000-memory.dmp

    Filesize

    44KB

  • memory/2184-5-0x00000000719DD000-0x00000000719E8000-memory.dmp

    Filesize

    44KB