Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    11/07/2024, 08:42 UTC

General

  • Target

    386e3ca3c4da724123dd6b5e956dfa79_JaffaCakes118.exe

  • Size

    118KB

  • MD5

    386e3ca3c4da724123dd6b5e956dfa79

  • SHA1

    37b5f080319a7756af3278309c70b07e3dd29e38

  • SHA256

    7e01330efa0b1b7b9f24e24aa022dcfbaccd02623a80aad112d832d1da892f2c

  • SHA512

    19b9410d7ad542d2a2c7067de27f0da7022e0f80d7635bebb137ee59766bc92b8fbfa284ad32a949f76ec43b12be70f0a3a900eec198ce2729a49268ec972d1d

  • SSDEEP

    3072:uW3lGFVOYZ17hTikSdqfYVGgNmBcEfTBZHbXCzCb:DiOYNTiT31NmSETzQs

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\386e3ca3c4da724123dd6b5e956dfa79_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\386e3ca3c4da724123dd6b5e956dfa79_JaffaCakes118.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:780
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 780 -s 36
      2⤵
      • Program crash
      PID:2468

Network

MITRE ATT&CK Matrix

Downloads

  • memory/780-0-0x0000000000400000-0x000000000044F000-memory.dmp

    Filesize

    316KB
