Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

2846919900...18.doc

windows7-x64

1

2846919900...18.doc

windows10-2004-x64

1

decrypted.xlsx

windows7-x64

1

decrypted.xlsx

windows10-2004-x64

1

Analysis

  • max time kernel
    144s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    06/07/2024, 10:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2846919900ee304d7d0910e96b42e3cb_JaffaCakes118.doc

  • Size

    2.3MB

  • MD5

    2846919900ee304d7d0910e96b42e3cb

  • SHA1

    be7ee7d9bcd35bbe5e6fbdf7857e3b4e0917e455

  • SHA256

    5ed23c0eae8c4aeac06e83d0645e5e935863217d855a51e8063fb9053e54ed2b

  • SHA512

    9d455f5bef8bea4f26f5b3d05de7c0a2341398700096a37b04d4892c6c2df9892536545db8c45ae12b4f17249c2809432d13152fb380fd3070d5b773c4375d17

  • SSDEEP

    49152:7krpG2bWOm3vjo9eAltW0jEPt6gj70jKiSCEYa2B:cs2bJm3vjr6t2lL4g2B

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs

Processes

  • C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\2846919900ee304d7d0910e96b42e3cb_JaffaCakes118.doc"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:2672

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2672-0-0x000000002F391000-0x000000002F392000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2672-1-0x000000005FFF0000-0x0000000060000000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2672-2-0x000000007163D000-0x0000000071648000-memory.dmp

    Filesize

    44KB

    Download

  • memory/2672-4-0x000000007163D000-0x0000000071648000-memory.dmp

    Filesize

    44KB

    Download