Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    14/07/2024, 18:24

General

  • Target

    46fc9c3f0b2cb404b5d2f55e76886763_JaffaCakes118.exe

  • Size

    215KB

  • MD5

    46fc9c3f0b2cb404b5d2f55e76886763

  • SHA1

    55dad8f50b2b17271623bb3f3923c1e963a26d91

  • SHA256

    5c05c7b7bace103ed8af779d5f383ca53eb5ce84fa9430ed2c95b8050915c23d

  • SHA512

    2a116940b6882654ac5d2c33e0a00078a96673c7b53883f1e9887835153ad11e28439d27ac535a3fb9ab2e395c7ada081744e2455601b47c1164a72395906d12

  • SSDEEP

    3072:FzAKb/OW+OTwgkNZ0UMKRovRrHTyxL/zZy9TNz+E4Gm4Rq13bnPoMbLwAyS8c/je:Fv/OW+OT6f+rHTyxJFE4GmJ/D+Oqz0Cz

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\46fc9c3f0b2cb404b5d2f55e76886763_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\46fc9c3f0b2cb404b5d2f55e76886763_JaffaCakes118.exe"
    • Suspicious use of WriteProcessMemory
    PID:2360
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2360 -s 252
      • Program crash
      PID:2980

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2360-0-0x0000000000400000-0x000000000043A000-memory.dmp

    Filesize

    232KB

  • memory/2360-1-0x0000000000230000-0x000000000026A000-memory.dmp

    Filesize

    232KB