Overview
overview: 7
Static
static: 3
2e73da0e87...18.exe (windows7-x64): 7
2e73da0e87...18.exe (windows10-2004-x64): 7
$PLUGINSDI...LL.dll (windows7-x64): 3
$PLUGINSDI...LL.dll (windows10-2004-x64): 3
$PLUGINSDI...ns.dll (windows7-x64): 3
$PLUGINSDI...ns.dll (windows10-2004-x64): 3
$PLUGINSDI...dl.dll (windows7-x64): 3
$PLUGINSDI...dl.dll (windows10-2004-x64): 3
$PLUGINSDI...em.dll (windows7-x64): 3
$PLUGINSDI...em.dll (windows10-2004-x64): 3
Analysis
max time kernel: 122s
max time network: 126s
platform: windows7_x64
resource: win7-20240708-en
resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
submitted: 09/07/2024, 00:57
Static task
static1
Behavioral task
behavioral1
Sample
2e73da0e871dca3c0a8360474f8a5e2b_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
2e73da0e871dca3c0a8360474f8a5e2b_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/ExtractDLL.dll
Resource
win7-20240704-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/ExtractDLL.dll
Resource
win10v2004-20240704-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240704-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240704-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/NSISdl.dll
Resource
win7-20240705-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/NSISdl.dll
Resource
win10v2004-20240704-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240705-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240704-en
General
Target: 2e73da0e871dca3c0a8360474f8a5e2b_JaffaCakes118.exe
Size: 204KB
MD5: 2e73da0e871dca3c0a8360474f8a5e2b
SHA1: 652c2cb7318fc2b49a6ff17c8a099c33c32e01f7
SHA256: 3383c78a3caacae4f82381f0d83ad26eea1e1be5b04613338e7455687393354b
SHA512: 5f9a4528028ab2492f3fceb0b3178f4d76f2e2959d9f3b81ffcd24b7ffee694252b41c4755287e3d0f3848fe21a9536dc636e6bc00440b998eb1a72e77de1a6b
SSDEEP: 3072:+bI7pSg/D41XJnM2QawEi7ExnD/OveIxPL904OU2Xkce57WiiYTnd:4NSD+pM2OEjxnD/OGIxxn0XcWit
Malware Config
Signatures
Loads dropped DLL (1 IoCs)
pid: 1928, Process: 2e73da0e871dca3c0a8360474f8a5e2b_JaffaCakes118.exe
Enumerates physical storage devices (1 TTPs)
Attempts to interact with connected storage/optical drive(s).
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 1928, Process: 2e73da0e871dca3c0a8360474f8a5e2b_JaffaCakes118.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads