Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

25a42987ef...18.exe

windows7-x64

7

25a42987ef...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    04/07/2024, 17:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    25a42987eff0bc144eef1e8eeb71a9da_JaffaCakes118.exe

  • Size

    236KB

  • MD5

    25a42987eff0bc144eef1e8eeb71a9da

  • SHA1

    ac5add8a4dc7d8f06d04693198f0f8a07f728888

  • SHA256

    56885946a2acf22b394be12e37504f20ab9a83857a68c5153a150d25397549b5

  • SHA512

    a68dc835f956b503c8ffcfa8ce79c19e3bfb3a48c0d0b6fa99789840b0b908809f1b004833dc35418e6d13bb7e8a3b1f5100ba66d2aed55e1fdcb1de1f12d1fd

  • SSDEEP

    6144:VL/4gIi0FcKgY4QXlksfDQ93ha4l0uYnjXzLxnRLUg8p:VTWcKh1XlksERha97xRJ8p

Score
7/10
spywarestealerupx

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • UPX packed file 8 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx

Processes

  • C:\Users\Admin\AppData\Local\Temp\25a42987eff0bc144eef1e8eeb71a9da_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\25a42987eff0bc144eef1e8eeb71a9da_JaffaCakes118.exe"
    1⤵
      PID:2204

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2204-0-0x0000000000400000-0x0000000000488000-memory.dmp

      Filesize

      544KB

      Download

    • memory/2204-1-0x0000000000310000-0x0000000000398000-memory.dmp

      Filesize

      544KB

      Download

    • memory/2204-2-0x0000000000400000-0x0000000000488000-memory.dmp

      Filesize

      544KB

      Download

    • memory/2204-4-0x0000000000400000-0x0000000000488000-memory.dmp

      Filesize

      544KB

      Download

    • memory/2204-6-0x0000000000400000-0x0000000000488000-memory.dmp

      Filesize

      544KB

      Download

    • memory/2204-8-0x0000000000400000-0x0000000000488000-memory.dmp

      Filesize

      544KB

      Download

    • memory/2204-10-0x0000000000400000-0x0000000000488000-memory.dmp

      Filesize

      544KB

      Download

    • memory/2204-13-0x0000000000400000-0x0000000000488000-memory.dmp

      Filesize

      544KB

      Download

    • memory/2204-15-0x0000000000400000-0x0000000000488000-memory.dmp

      Filesize

      544KB

      Download