Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

3

a13ba0c1fd...18.exe

windows7-x64

5

a13ba0c1fd...18.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    142s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    12/06/2024, 15:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a13ba0c1fdbad7648de9e93a4aaa17f6_JaffaCakes118.exe

  • Size

    571KB

  • MD5

    a13ba0c1fdbad7648de9e93a4aaa17f6

  • SHA1

    46ab2afaa7e289be5eb4bd3626be8144defb532a

  • SHA256

    807b3866f5bf73d6d441d67a080ddb825de6b099f46f43b3a693c7f8d089ef03

  • SHA512

    e5944285b22af01af3de441b68539d890e32e043387f7f8bc445ce4482ae1ec157bc0ad8ceb6d5198d2fa1f1d33f30efedcc9902fdb360d06a3b0823079551f9

  • SSDEEP

    6144:jRwfqUKDPM5x3/nHFGpkg+p3F2wN2tjbTwxcueNrXa1DTgjAuJqaLe8tx8IZfL:W/nl99dF/2XUcVNrK1DTgS7TIZT

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a13ba0c1fdbad7648de9e93a4aaa17f6_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\a13ba0c1fdbad7648de9e93a4aaa17f6_JaffaCakes118.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:2028

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2028-0-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/2028-1-0x0000000000270000-0x00000000002B2000-memory.dmp

    Filesize

    264KB

    Download

  • memory/2028-2-0x0000000074AD0000-0x0000000074B1A000-memory.dmp

    Filesize

    296KB

    Download

  • memory/2028-3-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/2028-4-0x0000000000402000-0x000000000044B000-memory.dmp

    Filesize

    292KB

    Download

  • memory/2028-6-0x00000000002D0000-0x00000000002D1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2028-5-0x0000000000270000-0x00000000002B2000-memory.dmp

    Filesize

    264KB

    Download

  • memory/2028-8-0x00000000752E0000-0x000000007538C000-memory.dmp

    Filesize

    688KB

    Download

  • memory/2028-10-0x0000000075AE0000-0x0000000075B37000-memory.dmp

    Filesize

    348KB

    Download

  • memory/2028-13-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/2028-12-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/2028-11-0x0000000074C30000-0x0000000074C39000-memory.dmp

    Filesize

    36KB

    Download

  • memory/2028-9-0x0000000076DC0000-0x0000000076E07000-memory.dmp

    Filesize

    284KB

    Download

  • memory/2028-14-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/2028-16-0x0000000075B40000-0x0000000075C9C000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/2028-17-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/2028-18-0x00000000753A0000-0x000000007542F000-memory.dmp

    Filesize

    572KB

    Download

  • memory/2028-19-0x00000000740D0000-0x0000000074150000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2028-21-0x0000000076170000-0x0000000076DBA000-memory.dmp

    Filesize

    12.3MB

    Download

  • memory/2028-22-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/2028-23-0x0000000073DF0000-0x0000000073E07000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2028-24-0x0000000073A60000-0x0000000073BF0000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2028-25-0x0000000073BF0000-0x0000000073D8E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2028-27-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/2028-26-0x00000000760A0000-0x000000007616C000-memory.dmp

    Filesize

    816KB

    Download

  • memory/2028-29-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/2028-30-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/2028-39-0x00000000760A0000-0x000000007616C000-memory.dmp

    Filesize

    816KB

    Download

  • memory/2028-37-0x0000000075AE0000-0x0000000075B37000-memory.dmp

    Filesize

    348KB

    Download

  • memory/2028-33-0x00000000752E0000-0x000000007538C000-memory.dmp

    Filesize

    688KB

    Download

  • memory/2028-42-0x0000000074940000-0x00000000749BD000-memory.dmp

    Filesize

    500KB

    Download

  • memory/2028-41-0x0000000075B40000-0x0000000075C9C000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/2028-36-0x0000000076170000-0x0000000076DBA000-memory.dmp

    Filesize

    12.3MB

    Download

  • memory/2028-35-0x0000000074AD0000-0x0000000074B1A000-memory.dmp

    Filesize

    296KB

    Download

  • memory/2028-31-0x0000000076DC0000-0x0000000076E07000-memory.dmp

    Filesize

    284KB

    Download

  • memory/2028-45-0x0000000074150000-0x0000000074245000-memory.dmp

    Filesize

    980KB

    Download

  • memory/2028-53-0x000000006FC40000-0x000000006FD70000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/2028-54-0x0000000000270000-0x00000000002B2000-memory.dmp

    Filesize

    264KB

    Download

  • memory/2028-52-0x0000000073A60000-0x0000000073BF0000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2028-51-0x0000000073BF0000-0x0000000073D8E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2028-49-0x0000000073E10000-0x0000000073E23000-memory.dmp

    Filesize

    76KB

    Download

  • memory/2028-47-0x00000000740D0000-0x0000000074150000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2028-46-0x0000000074BD0000-0x0000000074BD3000-memory.dmp

    Filesize

    12KB

    Download

  • memory/2028-44-0x0000000074250000-0x000000007493E000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2028-55-0x0000000000402000-0x000000000044B000-memory.dmp

    Filesize

    292KB

    Download

  • memory/2028-56-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/2028-57-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/2028-81-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/2028-82-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/2028-83-0x0000000000400000-0x00000000004F3000-memory.dmp

    Filesize

    972KB

    Download

  • memory/2028-95-0x0000000074940000-0x00000000749BD000-memory.dmp

    Filesize

    500KB

    Download

  • memory/2028-88-0x0000000074AD0000-0x0000000074B1A000-memory.dmp

    Filesize

    296KB

    Download

  • memory/2028-86-0x00000000752E0000-0x000000007538C000-memory.dmp

    Filesize

    688KB

    Download