Analysis

  • max time kernel
    121s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 06:45 UTC

General

  • Target

    8d3387ca379632c0516bc41636a5dcea_JaffaCakes118.exe

  • Size

    1.4MB

  • MD5

    8d3387ca379632c0516bc41636a5dcea

  • SHA1

    ad8b19655d18c343849a7bf0f447445ca56ec5e1

  • SHA256

    05e697efcba64236432c6e2a0d871fafefd00ac06b608cc096c38e85c2841495

  • SHA512

    406b7c3411aa3143cc955f4c9a50d3719a2eb8c6d968161f378ba307b9f82cb0dcaa54c4ddb33f1f1dfe0ef46b5abcbe7c0cc20244149af00d13da001b7d9488

  • SSDEEP

    24576:4E0+zh36rA0CzFvnsm6iGbQ/oIKikelvQ0ZTIz7O7n3:i+v1B0hi5A8TIi3

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 4 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8d3387ca379632c0516bc41636a5dcea_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\8d3387ca379632c0516bc41636a5dcea_JaffaCakes118.exe"
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:1740

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsd9B56.tmp\ioSpecial.ini

    Filesize

    1020B

    MD5

    da131a8407d7862f39846312ba4a8102

    SHA1

    791a8149fd797bfa3481c26802c6004f07267d05

    SHA256

    3ed9a622ce1e0689a7ced47c11e17c8584b0a31672866344f9344262c2c6de01

    SHA512

    b98518be5f1c6378b8ef9d13189dce9dc46af34288830465276e597b8c155f85ccd8aeef0174340d56ac19b1091131ca51f8e6d54d4f3a2ea828361bb4588a0b

  • \Users\Admin\AppData\Local\Temp\nsd9B56.tmp\InstallOptions.dll

    Filesize

    14KB

    MD5

    325b008aec81e5aaa57096f05d4212b5

    SHA1

    27a2d89747a20305b6518438eff5b9f57f7df5c3

    SHA256

    c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b

    SHA512

    18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf

  • \Users\Admin\AppData\Local\Temp\nsd9B56.tmp\LangDLL.dll

    Filesize

    5KB

    MD5

    9384f4007c492d4fa040924f31c00166

    SHA1

    aba37faef30d7c445584c688a0b5638f5db31c7b

    SHA256

    60a964095af1be79f6a99b22212fefe2d16f5a0afd7e707d14394e4143e3f4f5

    SHA512

    68f158887e24302673227adffc688fd3edabf097d7f5410f983e06c6b9c7344ca1d8a45c7fa05553adcc5987993df3a298763477168d4842e554c4eb93b9aaaf

  • \Users\Admin\AppData\Local\Temp\nsd9B56.tmp\UAC.dll

    Filesize

    17KB

    MD5

    09caf01bc8d88eeb733abc161acff659

    SHA1

    b8c2126d641f88628c632dd2259686da3776a6da

    SHA256

    3555afe95e8bb269240a21520361677b280562b802978fccfb27490c79b9a478

    SHA512

    ef1e8fc4fc8f5609483b2c459d00a47036699dfb70b6be6f10a30c5d2fc66bae174345bffa9a44abd9ca029e609ff834d701ff6a769cca09fe5562365d5010fa

  • \Users\Admin\AppData\Local\Temp\nsd9B56.tmp\linker.dll

    Filesize

    7KB

    MD5

    122754bdae09014ed8be78a8dd3618c0

    SHA1

    8a1d4a0b8202d2261a12d97aebfe33144c274444

    SHA256

    67552ebf58e98e841dcd9f4213ad3eb134d595f04839771618f0bb1c48ea2b92

    SHA512

    7b9b5f8b52db793b4833a75bd8f122f28f2df00d43bd35efc831c2b8457009d51fe39874c691389c2fdc87ed411919b59da50199e3f719bd4cfb166367f185d9
