Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

1

30e32d7a8d...18.exe

windows7-x64

5

30e32d7a8d...18.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    141s
  • max time network
    96s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240704-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/07/2024, 15:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    30e32d7a8dd27c5864c8fef59e3258ff_JaffaCakes118.exe

  • Size

    631KB

  • MD5

    30e32d7a8dd27c5864c8fef59e3258ff

  • SHA1

    800833fc4cceaa67ee86a619873c1fb84ee9c58c

  • SHA256

    87da6194aa5d1bfc9b998d30a489f5a35cecde385f7fe120624a4c81c23d5acd

  • SHA512

    ff9b73ab343dd71cc50d6d23d63e356d253e37c6ef6ad8a12d8110034cf5c70c3b93dde6771bd521a521e01f347c3c0147805825b1bc1ddea01ea4957b1dce3a

  • SSDEEP

    12288:IT145I8jWtJ8KL27rd69bk5NCgGhSFB7jz9xcUJMYCvNORz015hQjY:Ip4kttKd6F6CNc/JMYCKghQU

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 8 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\30e32d7a8dd27c5864c8fef59e3258ff_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\30e32d7a8dd27c5864c8fef59e3258ff_JaffaCakes118.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of SetWindowsHookEx
    PID:4252

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4252-0-0x0000000000400000-0x0000000000761000-memory.dmp

    Filesize

    3.4MB

    Download

  • memory/4252-1-0x0000000000400000-0x0000000000761000-memory.dmp

    Filesize

    3.4MB

    Download

  • memory/4252-2-0x00000000006C9000-0x0000000000761000-memory.dmp

    Filesize

    608KB

    Download

  • memory/4252-3-0x0000000000400000-0x0000000000761000-memory.dmp

    Filesize

    3.4MB

    Download

  • memory/4252-4-0x0000000000400000-0x0000000000761000-memory.dmp

    Filesize

    3.4MB

    Download

  • memory/4252-5-0x0000000000400000-0x0000000000761000-memory.dmp

    Filesize

    3.4MB

    Download

  • memory/4252-6-0x00000000006C9000-0x0000000000761000-memory.dmp

    Filesize

    608KB

    Download

  • memory/4252-7-0x0000000000400000-0x0000000000761000-memory.dmp

    Filesize

    3.4MB

    Download

  • memory/4252-8-0x0000000000400000-0x0000000000761000-memory.dmp

    Filesize

    3.4MB

    Download

  • memory/4252-9-0x0000000000400000-0x0000000000761000-memory.dmp

    Filesize

    3.4MB

    Download

  • memory/4252-10-0x0000000000400000-0x0000000000761000-memory.dmp

    Filesize

    3.4MB

    Download

  • memory/4252-11-0x0000000000400000-0x0000000000761000-memory.dmp

    Filesize

    3.4MB

    Download

  • memory/4252-12-0x0000000000400000-0x0000000000761000-memory.dmp

    Filesize

    3.4MB

    Download

  • memory/4252-13-0x0000000000400000-0x0000000000761000-memory.dmp

    Filesize

    3.4MB

    Download

  • memory/4252-14-0x0000000000400000-0x0000000000761000-memory.dmp

    Filesize

    3.4MB

    Download

  • memory/4252-15-0x0000000000400000-0x0000000000761000-memory.dmp

    Filesize

    3.4MB

    Download

  • memory/4252-16-0x0000000000400000-0x0000000000761000-memory.dmp

    Filesize

    3.4MB

    Download

  • memory/4252-17-0x0000000000400000-0x0000000000761000-memory.dmp

    Filesize

    3.4MB

    Download

  • memory/4252-18-0x0000000000400000-0x0000000000761000-memory.dmp

    Filesize

    3.4MB

    Download