Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/07/2024, 10:12 UTC

General

  • Target

    413f5a0e0d70d160260febe6d2985288_JaffaCakes118.exe

  • Size

    17KB

  • MD5

    413f5a0e0d70d160260febe6d2985288

  • SHA1

    4bdb798c69a167e55fd23b7555ded759404b7414

  • SHA256

    3a45cc163748e207f6688e7c74ea760f12d755f97fd486a1059fd2ec6ac177b6

  • SHA512

    d3e7a561304df9c55b18871d7231440599719f938db67994c5881806b8d9eac32111ab60cc6f19ee49dc4c0919148717a344ccdd52b7346087cafadb1ddef9c7

  • SSDEEP

    192:bACif8Virtat1U8UKTjKyc9ZmKLKnloYU45i7tIhfrZkBv8tgQC1Wn8:bAHfB4DU1KT2hLf45ixQfrZk8tgfWn

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\413f5a0e0d70d160260febe6d2985288_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\413f5a0e0d70d160260febe6d2985288_JaffaCakes118.exe"
    PID: 2532

    Network

    • flag-us
      DNS
      dl.dropbox.com
      413f5a0e0d70d160260febe6d2985288_JaffaCakes118.exe
      Remote address:
      8.8.8.8:53
      Request
      dl.dropbox.com
      IN A
      Response
      dl.dropbox.com
      IN CNAME
      edge-block-www-env.dropbox-dns.com
      edge-block-www-env.dropbox-dns.com
      IN A
      162.125.64.15
    • flag-gb
      GET
      http://dl.dropbox.com/u/36222576/System.exe
      413f5a0e0d70d160260febe6d2985288_JaffaCakes118.exe
      Remote address:
      162.125.64.15:80
      Request
      GET /u/36222576/System.exe HTTP/1.1
      Host: dl.dropbox.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 301 Moved Permanently
      location: https://dl.dropbox.com/u/36222576/System.exe
      date: Sat, 13 Jul 2024 10:12:22 GMT
      server: envoy
      x-dropbox-request-id: e117287516384f589e9154537e2ee7eb
      content-length: 0
    • flag-gb
      GET
      http://dl.dropbox.com/u/36222576/SystemRun.exe
      413f5a0e0d70d160260febe6d2985288_JaffaCakes118.exe
      Remote address:
      162.125.64.15:80
      Request
      GET /u/36222576/SystemRun.exe HTTP/1.1
      Host: dl.dropbox.com
      Response
      HTTP/1.1 301 Moved Permanently
      location: https://dl.dropbox.com/u/36222576/SystemRun.exe
      date: Sat, 13 Jul 2024 10:12:22 GMT
      server: envoy
      x-dropbox-request-id: a1b45b284ecb47e299e083be1b174fbe
      content-length: 0
    • 162.125.64.15:80
      http://dl.dropbox.com/u/36222576/SystemRun.exe
      http
      413f5a0e0d70d160260febe6d2985288_JaffaCakes118.exe
      517 B
      949 B
      8
      7

      HTTP Request

      GET http://dl.dropbox.com/u/36222576/System.exe

      HTTP Response

      301

      HTTP Request

      GET http://dl.dropbox.com/u/36222576/SystemRun.exe

      HTTP Response

      301
    • 8.8.8.8:53
      dl.dropbox.com
      dns
      413f5a0e0d70d160260febe6d2985288_JaffaCakes118.exe
      60 B
      121 B
      1
      1

      DNS Request

      dl.dropbox.com

      DNS Response

      162.125.64.15

    MITRE ATT&CK Matrix


    Downloads

    • memory/2532-0-0x000007FEF571E000-0x000007FEF571F000-memory.dmp

      Filesize

      4KB

    • memory/2532-1-0x000007FEF5460000-0x000007FEF5DFD000-memory.dmp

      Filesize

      9.6MB

    • memory/2532-2-0x000007FEF5460000-0x000007FEF5DFD000-memory.dmp

      Filesize

      9.6MB

    • memory/2532-3-0x000007FEF5460000-0x000007FEF5DFD000-memory.dmp

      Filesize

      9.6MB

    • memory/2532-4-0x000007FEF5460000-0x000007FEF5DFD000-memory.dmp

      Filesize

      9.6MB

    • memory/2532-5-0x000007FEF571E000-0x000007FEF571F000-memory.dmp

      Filesize

      4KB
