Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

5dcd257546...18.exe

windows7-x64

6

5dcd257546...18.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    04/05/2024, 17:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5dcd2575462ca2e603e737055a24c0ae.jaffacakes118.exe

  • Size

    841KB

  • MD5

    5dcd2575462ca2e603e737055a24c0ae

  • SHA1

    c43a1d376094979762d3dc060bb45a249a23c33d

  • SHA256

    d2dbaca8e85b641ea02b54350d68532aae4e879896cc6052740dbbef8b5b44d9

  • SHA512

    6f58ff8c721e8d3e10fdb427c8d434bb4a63b532e1500c5cd085000d36589c2429dfd1ff42a8f40d0faff099d6b57c557f4f29fcaa3c97cae86d7fa11baef7f0

  • SSDEEP

    3072:MGjhaq5iL0beJQZt32wLji5DlsODxRPNDkjmHzW9hUd56JsuBSjwGPmO12i1Dzbp:Hha8iAx+1zwjmHd6vB/jO11zncJ

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 3 IoCs
    persistence
  • Drops file in System32 directory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5dcd2575462ca2e603e737055a24c0ae.jaffacakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\5dcd2575462ca2e603e737055a24c0ae.jaffacakes118.exe"
    1⤵
    • Adds Run key to start application
    • Drops file in System32 directory
    PID:2352

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\AVSCANNER.EXE
    Filesize

    850KB

    MD5

    10865060941c20695b6f065e7d865822

    SHA1

    9b037270b74d1672411113959be29f7fa81ea1dd

    SHA256

    d698e2d3127351d95f73dad91d72e66cc914cfe38b3dfca3328fde314f7e87d6

    SHA512

    770de98a1f1172f745bbf6ce77b1877ced70a6733aa147fa33c9c5c80e10260d2123ba7fe3e5c4721d9fd56e5e7246a9b13c80e2a29e94717335a1bfc4382f92

    Download Submit

  • memory/2352-0-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB

    Download

  • memory/2352-7-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB

    Download