Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

88822c8f1f...18.exe

windows7-x64

10

88822c8f1f...18.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    31/05/2024, 22:04 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    88822c8f1f66012102dee1e3bf857e7a_JaffaCakes118.exe

  • Size

    313KB

  • MD5

    88822c8f1f66012102dee1e3bf857e7a

  • SHA1

    a08810ce476ea5fa9a956724290bc0febab838c9

  • SHA256

    11ea29b9d6118362827665080ae28ef95f24b407c0b47ab12fb10e5fbe87790c

  • SHA512

    88d727c260a40ec56e392c416e1b7171cc4150169bc843948081811d6682137008579ee75b53cc69e973479c66210c72565b3562449868419bbbdc2f6a6b1069

  • SSDEEP

    3072:Te3kUHvVnJiRymCNW46B5oY4RBxh2ucmPCFeqGMZSuAoQJjzAtJYG6DiIncgNexy:CkUHdsymgp5kurqGZuIzaOGwiJgq

Score
10/10
azorultinfostealertrojan

Malware Config

Extracted

Family

azorult

C2

http://92.63.197.104/index.php

Signatures

  • Azorult

    An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    trojaninfostealerazorult

Processes

  • C:\Users\Admin\AppData\Local\Temp\88822c8f1f66012102dee1e3bf857e7a_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\88822c8f1f66012102dee1e3bf857e7a_JaffaCakes118.exe"
    1⤵
      PID:2220

    Network

      No results found
    • 92.63.197.104:80
      88822c8f1f66012102dee1e3bf857e7a_JaffaCakes118.exe
      152 B
       3
    • 92.63.197.104:80
      88822c8f1f66012102dee1e3bf857e7a_JaffaCakes118.exe
      152 B
       3
    • 92.63.197.104:80
      88822c8f1f66012102dee1e3bf857e7a_JaffaCakes118.exe
      152 B
       3
    No results found

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2220-1-0x0000000000400000-0x0000000000479000-memory.dmp

      Filesize

      484KB

      Download

    • memory/2220-2-0x0000000000400000-0x0000000000479000-memory.dmp

      Filesize

      484KB

      Download

    • memory/2220-6-0x0000000000400000-0x0000000000479000-memory.dmp

      Filesize

      484KB

      Download

    • memory/2220-8-0x0000000000400000-0x0000000000479000-memory.dmp

      Filesize

      484KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.