Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

3a52ac14c6...18.exe

windows7-x64

7

3a52ac14c6...18.exe

windows10-2004-x64

7

$PLUGINSDI...am.dll

windows7-x64

3

$PLUGINSDI...am.dll

windows10-2004-x64

3

$PLUGINSDI...ew.dll

windows7-x64

3

$PLUGINSDI...ew.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

1

$PLUGINSDI...ns.dll

windows10-2004-x64

1

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

1

$PLUGINSDI...LL.dll

windows10-2004-x64

1

$PLUGINSDI...te.dll

windows7-x64

1

$PLUGINSDI...te.dll

windows10-2004-x64

1

$PLUGINSDI...nd.dll

windows7-x64

3

$PLUGINSDI...nd.dll

windows10-2004-x64

3

$PLUGINSDIR/stack.dll

windows7-x64

3

$PLUGINSDIR/stack.dll

windows10-2004-x64

3

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...am.dll

windows7-x64

3

$PLUGINSDI...am.dll

windows10-2004-x64

3

$PLUGINSDI...ew.dll

windows7-x64

3

$PLUGINSDI...ew.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

1

$PLUGINSDI...ns.dll

windows10-2004-x64

1

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

1

$PLUGINSDI...LL.dll

windows10-2004-x64

1

$PLUGINSDI...te.dll

windows7-x64

1

$PLUGINSDI...te.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    93s
  • max time network
    131s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/07/2024, 18:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3a52ac14c60c65991d37626910e92329_JaffaCakes118.exe

  • Size

    383KB

  • MD5

    3a52ac14c60c65991d37626910e92329

  • SHA1

    0a4acd1e745dee3370c93503f2ef4f4ed0a5a761

  • SHA256

    cf2d6159d215863acbe6bb5eccf9fdfb42a89f77c426fc37e876250c54f8a767

  • SHA512

    d337bf090e4da22d5f433cab779e219c7ae2f440c34cb6b2d11e78aa9b65f99b7294ae2ff09e2451bbde80a03a9be57d070186ea5fc0c43fc71b7af3827409bc

  • SSDEEP

    6144:qe34TgrDByBCeRug6rFZ530rhwa6/9Lj8obuArBJzgRnVlCCp9pgByBCezug6rFO:J7O6Z30W51NBgtVln9pEu6M

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\3a52ac14c60c65991d37626910e92329_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3a52ac14c60c65991d37626910e92329_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    PID:5108

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsuABD1.tmp\InstallOptions.dll
    Filesize

    14KB

    MD5

    eef9e469e8a30717974499f277d97e2a

    SHA1

    2d33c25984ebd9116beeb55cdde4c5c86c023e5d

    SHA256

    1f35bb6728237483c779005fc227e69fef51b0bafd32d15855d483948a337078

    SHA512

    d860132106a1c03dfa23f983b3c503f1216ac02f3d47833b96dfb333fb30bc8ab4d4fecd1f1f0a89f0c7f3586405461e2d53c26f282bb48970e549659b364b48

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsuABD1.tmp\ioSpecial.ini
    Filesize

    656B

    MD5

    7eddca0308a0262ce6182136ccf8e387

    SHA1

    cdd3e8d33d7b5e03b176df3c7443ef7dcd876b2c

    SHA256

    8edf3179c4d24a29cf9d604cfd6961be29cf8574749c2613e1d0da9103ec3037

    SHA512

    06419a56ae80907462a7c32d68795645f4bf3dc6989b832aed646d87a4811bc895ebe7a110386e14ce67aae4931b09b9069251c0df55689ae29f562ee91ad70f

    Download Submit