Analysis
max time kernel: 119s
max time network: 124s
platform: windows7_x64
resource: win7-20240611-en
resource tags: arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
submitted: 24/06/2024, 20:05
Behavioral task: behavioral1
Sample: 0a98757e68851dc1ed3b3ba7392ba329_JaffaCakes118.dll
Resource: win7-20240611-en
1 signatures
150 seconds
Behavioral task: behavioral2
Sample: 0a98757e68851dc1ed3b3ba7392ba329_JaffaCakes118.dll
Resource: win10v2004-20240611-en
1 signatures
150 seconds
General
Target: 0a98757e68851dc1ed3b3ba7392ba329_JaffaCakes118.dll
Size: 148KB
MD5: 0a98757e68851dc1ed3b3ba7392ba329
SHA1: 10bdd4d7c9d18ad45f5a77a4b28ef52c8116f1c3
SHA256: e1963bfc2207f597139163ba24b0633ac56633e574d5298283754f6780197e72
SHA512: de6db9f3e7c2793213a46c248c5d41a8168dec29c83437c8cf7e9560e319ea1cba2adf1c0dfaf1ca9f213e96d12925f38cd7ad045e49751ec4287e3861de3adf
SSDEEP: 3072:WCPuhePO111hLLXkntB0Yp7zwGPCV5zGglVd8UbzTBfttEIcU:WCPtOXhLiBZHwGP8CAlbzTBltEI9
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 7 IoCs
description | pid | Process | procid_target
PID 2232 wrote to memory of 2164 | 2232 | rundll32.exe | 28
PID 2232 wrote to memory of 2164 | 2232 | rundll32.exe | 28
PID 2232 wrote to memory of 2164 | 2232 | rundll32.exe | 28
PID 2232 wrote to memory of 2164 | 2232 | rundll32.exe | 28
PID 2232 wrote to memory of 2164 | 2232 | rundll32.exe | 28
PID 2232 wrote to memory of 2164 | 2232 | rundll32.exe | 28
PID 2232 wrote to memory of 2164 | 2232 | rundll32.exe | 28
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\0a98757e68851dc1ed3b3ba7392ba329_JaffaCakes118.dll,#1
  - Suspicious use of WriteProcessMemory
  PID: 2232
  - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\0a98757e68851dc1ed3b3ba7392ba329_JaffaCakes118.dll,#1
    PID: 2164