Overview
overview 7
Static
static 3
2e73da0e87...18.exe windows7-x64 7
2e73da0e87...18.exe windows10-2004-x64 7
$PLUGINSDI...LL.dll windows7-x64 3
$PLUGINSDI...LL.dll windows10-2004-x64 3
$PLUGINSDI...ns.dll windows7-x64 3
$PLUGINSDI...ns.dll windows10-2004-x64 3
$PLUGINSDI...dl.dll windows7-x64 3
$PLUGINSDI...dl.dll windows10-2004-x64 3
$PLUGINSDI...em.dll windows7-x64 3
$PLUGINSDI...em.dll windows10-2004-x64 3
Analysis
max time kernel: 150s
max time network: 150s
platform: windows10-2004_x64
resource: win10v2004-20240704-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240704-en, locale:en-us, os:windows10-2004-x64, system
submitted: 09/07/2024, 00:57
Static task
static1
Behavioral tasks
behavioral1: Sample 2e73da0e871dca3c0a8360474f8a5e2b_JaffaCakes118.exe, Resource win7-20240708-en
behavioral2: Sample 2e73da0e871dca3c0a8360474f8a5e2b_JaffaCakes118.exe, Resource win10v2004-20240704-en
behavioral3: Sample $PLUGINSDIR/ExtractDLL.dll, Resource win7-20240704-en
behavioral4: Sample $PLUGINSDIR/ExtractDLL.dll, Resource win10v2004-20240704-en
behavioral5: Sample $PLUGINSDIR/InstallOptions.dll, Resource win7-20240704-en
behavioral6: Sample $PLUGINSDIR/InstallOptions.dll, Resource win10v2004-20240704-en
behavioral7: Sample $PLUGINSDIR/NSISdl.dll, Resource win7-20240705-en
behavioral8: Sample $PLUGINSDIR/NSISdl.dll, Resource win10v2004-20240704-en
behavioral9: Sample $PLUGINSDIR/System.dll, Resource win7-20240705-en
behavioral10: Sample $PLUGINSDIR/System.dll, Resource win10v2004-20240704-en
General
Target: 2e73da0e871dca3c0a8360474f8a5e2b_JaffaCakes118.exe
Size: 204KB
MD5: 2e73da0e871dca3c0a8360474f8a5e2b
SHA1: 652c2cb7318fc2b49a6ff17c8a099c33c32e01f7
SHA256: 3383c78a3caacae4f82381f0d83ad26eea1e1be5b04613338e7455687393354b
SHA512: 5f9a4528028ab2492f3fceb0b3178f4d76f2e2959d9f3b81ffcd24b7ffee694252b41c4755287e3d0f3848fe21a9536dc636e6bc00440b998eb1a72e77de1a6b
SSDEEP: 3072:+bI7pSg/D41XJnM2QawEi7ExnD/OveIxPL904OU2Xkce57WiiYTnd:4NSD+pM2OEjxnD/OGIxxn0XcWit
Malware Config
Signatures
Loads dropped DLL (1 IoCs)
pid: 536, Process: 2e73da0e871dca3c0a8360474f8a5e2b_JaffaCakes118.exe
Enumerates physical storage devices (1 TTPs)
Attempts to interact with connected storage/optical drive(s).
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads