Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    28/05/2024, 05:43

General

  • Target

    7be65bafc6b8d31ed1b890a66a204bfa_JaffaCakes118.exe

  • Size

    160KB

  • MD5

    7be65bafc6b8d31ed1b890a66a204bfa

  • SHA1

    925d1a24162adaf99710014d9a378f585a891158

  • SHA256

    b9f6149145d54bd6d163c704a2bfee4ddb7dc649a64e88736a252feeb3f84bb1

  • SHA512

    3947e4caf86dffb12e751dc9422f82c724acf9b0bcb3735d84b9e563765132103337e6f39dcd95c14ad5c787c8ac300ea2940d6547222dbb353d25ff90ebb11c

  • SSDEEP

    3072:jmVW8iTX/3RfldjjXq1+0cxxsWEL02fXcIp08MoeE2B2I4czVg:aM7jJlRexYTHYZMLBZvg

Score
6/10

Malware Config

Signatures

  • Adds Run key to start application (2 TTPs, 1 IoCs)
  • Drops file in System32 directory (33 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\7be65bafc6b8d31ed1b890a66a204bfa_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\7be65bafc6b8d31ed1b890a66a204bfa_JaffaCakes118.exe"
    • Adds Run key to start application
    • Drops file in System32 directory
    PID:3000

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Windows\SysWOW64\macromd\pamela anderson nude.exe

    Filesize

    72KB

    MD5

    1b10b5d845e15093d5ae1eb109fb5b6a

    SHA1

    412104532a7d89c5b3ac9e6397001d931dac3706

    SHA256

    362307ed13cb65846ca4cab5ed3b7860c7f3fd4275e4b944966ef266e783a25c

    SHA512

    a390c3f59e9349573cff84a96e798121f6efdc50aaa80909d81a2e44ce4152404fedfc8eb2d92f5f2ed76e26e2e794ee7467c766576ac448e11ab41a9a681184

  • memory/3000-33-0x0000000000400000-0x0000000000464000-memory.dmp

    Filesize

    400KB