Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

3cba8951a4...18.xls

windows7-x64

1

3cba8951a4...18.xls

windows10-2004-x64

1

Analysis

  • max time kernel
    144s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    12/07/2024, 08:57 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3cba8951a4f7d01b0a4c36a05dd5bd54_JaffaCakes118.xls

  • Size

    58KB

  • MD5

    3cba8951a4f7d01b0a4c36a05dd5bd54

  • SHA1

    744d89e24755e28d6ae24aa6d7d1b821e65e0049

  • SHA256

    6c9a096f226eba467c4b69a92e5b460ce0f8a05ad380da7b99a998283a4b31ad

  • SHA512

    f41c68962535be0f4bc0139d192ac1b1bc696fccca2f62bf4109b81625ccf9a7416cbcdb9061e11f2c40d10398961b03e9a0ab886c3cfb16864691c66e92d08d

  • SSDEEP

    768:BfPjjdz37y3VEn4QDH4W07Uoee4ROlJZOXueu6S55LYBBDjDvOV267:Nbjdz37EVnnSeAO5ODjEG2g67

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 1 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs

Processes

  • C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE" /dde C:\Users\Admin\AppData\Local\Temp\3cba8951a4f7d01b0a4c36a05dd5bd54_JaffaCakes118.xls
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:2052

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2052-0-0x000000005FFF0000-0x0000000060000000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2052-1-0x000000007261D000-0x0000000072628000-memory.dmp

    Filesize

    44KB

    Download

  • memory/2052-2-0x000000007261D000-0x0000000072628000-memory.dmp

    Filesize

    44KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.