Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

4025fa494b...18.exe

windows7-x64

7

4025fa494b...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    13/07/2024, 04:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4025fa494bc7330164b3780bf5d8dec4_JaffaCakes118.exe

  • Size

    288KB

  • MD5

    4025fa494bc7330164b3780bf5d8dec4

  • SHA1

    4f135ced08f64a4d210b1f433d6120d3e23df1d6

  • SHA256

    16610b4496d9d0cb17bfaa966414b17af43cc647d2301bc0504aca62cf28c02a

  • SHA512

    66895c3b3e6fe752fc531ae4f845c19e7b7243de14463caa3b29504dbd1f794538ecd26953879ad1c11851692e0fe61e0d0d008f0f68836c24376eb784500846

  • SSDEEP

    6144:LA98Pt7B9Cg6MUQ67/VsLFv30OuTGtTBqrVr:LA98Pt7B9Cg6M5eVO53KGtTY

Score
7/10

Malware Config

Signatures

  • Unexpected DNS network traffic destination 1 IoCs

    Network traffic to other servers than the configured DNS servers was detected on the DNS port.

  • Suspicious behavior: EnumeratesProcesses 25 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4025fa494bc7330164b3780bf5d8dec4_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\4025fa494bc7330164b3780bf5d8dec4_JaffaCakes118.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:1252

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads