Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

77e12a13c9...18.exe

windows7-x64

6

77e12a13c9...18.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    27/05/2024, 04:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    77e12a13c9bb4d226bb20b5da29e1a33_JaffaCakes118.exe

  • Size

    215KB

  • MD5

    77e12a13c9bb4d226bb20b5da29e1a33

  • SHA1

    d4ef95f90735940a35e3147d96bfc54b8aa84414

  • SHA256

    2207fdadc6448ea73318dd7adb333190a9856ff40fa47c9f1095c763f96ab013

  • SHA512

    febf7a197db4b1148110682da31c864d69f356da3a0aac13729e5a79355e9079e510f17a06eee6b240cdb3ea5a11fc010fd6e8dfc994dc37dad5a7b18d907099

  • SSDEEP

    3072:xA8CBu7xiDvCYE9fEMMDys+q6UP5+sfuiYV2TdAIQN6mwnuh3wQJ3xIy9:28CM7xIa+x+q6q+sfu90WIQN2ngJ3xIK

Score
6/10
discovery

Malware Config

Signatures

  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Drops file in Windows directory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\77e12a13c9bb4d226bb20b5da29e1a33_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\77e12a13c9bb4d226bb20b5da29e1a33_JaffaCakes118.exe"
    1⤵
    • Drops file in Windows directory
    PID:1280

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1280-0-0x0000000000020000-0x0000000000021000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1280-2-0x00000000000F0000-0x00000000000F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1280-1-0x0000000000030000-0x0000000000031000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1280-3-0x0000000000150000-0x0000000000170000-memory.dmp

    Filesize

    128KB

    Download

  • memory/1280-4-0x0000000000100000-0x0000000000101000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1280-5-0x00000000001C0000-0x00000000001EF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1280-9-0x0000000000150000-0x0000000000170000-memory.dmp

    Filesize

    128KB

    Download

  • memory/1280-17-0x0000000000150000-0x0000000000170000-memory.dmp

    Filesize

    128KB

    Download