Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

1875b9b3be...18.exe

windows7-x64

6

1875b9b3be...18.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/06/2024, 02:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1875b9b3be508f611e72bfa655a89328_JaffaCakes118.exe

  • Size

    467KB

  • MD5

    1875b9b3be508f611e72bfa655a89328

  • SHA1

    7bf1d35b23d406a1567c3b6d1efa7b5a1b98a3f6

  • SHA256

    fe5a2f3c0c91fca86fe9d14e78f5b4b98c52f8145475690859ebe3fe397e6d9f

  • SHA512

    74f94f713425b5edd217e58fa443b0ba543a7d6fb893da3e4e90ed7e2434070cf353d4e29e41c65e04b40e7cb4cfbc0686c73906f2f745dfa074e8348fd8af75

  • SSDEEP

    6144:PdgzcYJadNPviYGYPgV4YgC6mGoaeEV7OzFom6SpTLKmBv65TNk0jI1hza+7Ziy1:mzgdNPviJTVWXOpSSpru5RgIy0GTx

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Drops file in Windows directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1875b9b3be508f611e72bfa655a89328_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\1875b9b3be508f611e72bfa655a89328_JaffaCakes118.exe"
    1⤵
    • Adds Run key to start application
    • Drops file in Windows directory
    PID:3196

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3196-0-0x0000000000740000-0x0000000000741000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3196-2-0x0000000000400000-0x000000000047B000-memory.dmp

    Filesize

    492KB

    Download

  • memory/3196-3-0x0000000000400000-0x000000000047B000-memory.dmp

    Filesize

    492KB

    Download

  • memory/3196-4-0x0000000000740000-0x0000000000741000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3196-5-0x0000000000400000-0x000000000047B000-memory.dmp

    Filesize

    492KB

    Download

  • memory/3196-6-0x0000000000400000-0x000000000047B000-memory.dmp

    Filesize

    492KB

    Download

  • memory/3196-7-0x0000000000400000-0x000000000047B000-memory.dmp

    Filesize

    492KB

    Download

  • memory/3196-8-0x0000000000400000-0x000000000047B000-memory.dmp

    Filesize

    492KB

    Download

  • memory/3196-9-0x0000000000400000-0x000000000047B000-memory.dmp

    Filesize

    492KB

    Download

  • memory/3196-10-0x0000000000400000-0x000000000047B000-memory.dmp

    Filesize

    492KB

    Download

  • memory/3196-11-0x0000000000400000-0x000000000047B000-memory.dmp

    Filesize

    492KB

    Download

  • memory/3196-12-0x0000000000400000-0x000000000047B000-memory.dmp

    Filesize

    492KB

    Download

  • memory/3196-13-0x0000000000400000-0x000000000047B000-memory.dmp

    Filesize

    492KB

    Download

  • memory/3196-14-0x0000000000400000-0x000000000047B000-memory.dmp

    Filesize

    492KB

    Download

  • memory/3196-15-0x0000000000400000-0x000000000047B000-memory.dmp

    Filesize

    492KB

    Download

  • memory/3196-16-0x0000000000400000-0x000000000047B000-memory.dmp

    Filesize

    492KB

    Download