Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2e73da0e87...18.exe

windows7-x64

7

2e73da0e87...18.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240704-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/07/2024, 00:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2e73da0e871dca3c0a8360474f8a5e2b_JaffaCakes118.exe

  • Size

    204KB

  • MD5

    2e73da0e871dca3c0a8360474f8a5e2b

  • SHA1

    652c2cb7318fc2b49a6ff17c8a099c33c32e01f7

  • SHA256

    3383c78a3caacae4f82381f0d83ad26eea1e1be5b04613338e7455687393354b

  • SHA512

    5f9a4528028ab2492f3fceb0b3178f4d76f2e2959d9f3b81ffcd24b7ffee694252b41c4755287e3d0f3848fe21a9536dc636e6bc00440b998eb1a72e77de1a6b

  • SSDEEP

    3072:+bI7pSg/D41XJnM2QawEi7ExnD/OveIxPL904OU2Xkce57WiiYTnd:4NSD+pM2OEjxnD/OGIxxn0XcWit

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\2e73da0e871dca3c0a8360474f8a5e2b_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\2e73da0e871dca3c0a8360474f8a5e2b_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    PID:536

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nse27E.tmp\InstallOptions.dll
    Filesize

    14KB

    MD5

    eca460272800136da217dff3c8953df0

    SHA1

    64e9ec022913d66b58ab5a8dbbfe7dd35d077824

    SHA256

    fd74339ffd5a66781a333005f065a3978ca7916cc56e73ec9598262c72a33ff8

    SHA512

    f92ccca98551fde68db761f58ac36e76319dde137dd0cff80f0f67f473412000ffba774074416e6907049c6b4c71ccbc853c33f4e489ba2b4f50badc2739b747

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nse27E.tmp\ioSpecial.ini
    Filesize

    819B

    MD5

    39d26f973406b5b3fe0e190d2c58aac6

    SHA1

    46a68316d8ffe7081418aec5010ba24945942c8b

    SHA256

    563fdcad33fc6e654b9c0e2633b54ec5c110a357699af944be9fa2ec2e309f20

    SHA512

    dd1de1da19c884ca5636306b6f903aa140fda0aa493550485716867c94096c55158aacd9ddabb0fc6e84afeac2e1064555137a1414d4025d86e027a062e68df8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nse27E.tmp\ioSpecial.ini
    Filesize

    858B

    MD5

    4fcea3aa0c5837cd55bf8bff4bcb30d3

    SHA1

    b8e02041cb214d86752a8051b461d21dfba17dea

    SHA256

    ff3a6abf2bd9a7f2acbf71f13da4ac9d19692d237c84ac519f4ccbd566349814

    SHA512

    f4b153aa4131874fda2af908e2546ee573dc4def52cc6fc774060ceade0ec19706eeba08a30ae6963b42bcac6f4fb9bc547ffc54b8730404577236e35bcbd988

    Download Submit