Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    26/06/2024, 00:40 UTC

General

  • Target

    101f1caf9d74e1cf5d5eb2ce73b1be6d_JaffaCakes118.exe

  • Size

    56KB

  • MD5

    101f1caf9d74e1cf5d5eb2ce73b1be6d

  • SHA1

    013e3dff036da68962f4598197e1f3d9f6c4f600

  • SHA256

    6f93d00e75dc00a9602bb2baabfe3cc38a6262709cd2d446546b9ae695dcd237

  • SHA512

    f7e9508634ae64bcd4db2b35850daf0ea73827de67369f9907ac6ee49c29b8745ddcc4e84d2cc3ec1857e77f81071c2c67054ba19fdac64ba0775bca13d021a5

  • SSDEEP

    1536:kZ/nEkB8OTKNhGqxs1erhtpYv3m8y5/gd:axBTKNhGSs8h8vm8y1gd

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\101f1caf9d74e1cf5d5eb2ce73b1be6d_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\101f1caf9d74e1cf5d5eb2ce73b1be6d_JaffaCakes118.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1132
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1132 -s 88
      2⤵
      • Program crash
      PID:2160

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1132-0-0x0000000000400000-0x0000000000409000-memory.dmp

    Filesize

    36KB
