Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

4d3479e480...18.exe

windows7-x64

7

4d3479e480...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    16/07/2024, 06:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4d3479e48021737f0236b237cbe5be7b_JaffaCakes118.exe

  • Size

    282KB

  • MD5

    4d3479e48021737f0236b237cbe5be7b

  • SHA1

    30db23f3bdc82e7b5e4db2f6607188d18c0f123e

  • SHA256

    2e450a9b72eb82b052b63cc034cfbe233c1582faa4eea395b861504f39fccde3

  • SHA512

    519e0d68b24f867ec95cfba5ee32b1fced733ee069cf1a17d64ddeb4e6064445f8bb8ab771a18f17ee3c5c86bcca85306712bccaa8955744b44159e404e6673d

  • SSDEEP

    6144:cEKTUVXxexXry6MGdXOA6CFeC5MHf9+IiAWfqU5OmBROK2X1JF9U73bc7dL6Iy7E:cEiWX4BG6jewfMf9EAWiUpiMuLbK4V

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4d3479e48021737f0236b237cbe5be7b_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\4d3479e48021737f0236b237cbe5be7b_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:1316

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\Tsu-0524.dll
    Filesize

    249KB

    MD5

    adb647de203421001356defee6fa3dab

    SHA1

    393278ddf756d236be35779666066c544acc7458

    SHA256

    c96807e91b41cbf4db5d3a97cc68662df344912f310b738b045501ac2c9eb5fd

    SHA512

    62024663db7af728ada8f73772c30d9ac9ec3486f0b1cd04c918d3ef3aa09d696c3dc063611b7fb6b661b0acc875f1cbd0ec73f9caab4cbdae83f652f294e821

    Download Submit

  • \Users\Admin\AppData\Local\Temp\{E071DA46-9EC2-0D0C-EFE7-D6E03B92F8B0}\_Setup.dll
    Filesize

    169KB

    MD5

    595458696f906577db8f3ff737609aae

    SHA1

    aa3a6e42ce0219a27f956ba3cf6197051da5d84f

    SHA256

    cf46cc397954a6be26a3dc94d2370c00f175231c897be060d53c465cc06bab81

    SHA512

    f23721550d02acda9b2429309e52b5a2675eb760b9c36ab4473636bf6f8d9c1835fedc44d45cf8adb7848879c4fabe45d09937903cbd9718caa287c1ed4eb648

    Download Submit

  • \Users\Admin\AppData\Local\Temp\{E071DA46-9EC2-0D0C-EFE7-D6E03B92F8B0}\_Setupx.dll
    Filesize

    22KB

    MD5

    d60016e0c131f41b19004fdedd805d86

    SHA1

    3504f9fb4e7fa0a4705d658c879f6862f60946e5

    SHA256

    b5135a0209978e9b88f77ae4e3567d8ab8f241bb6f3723c68f998d247cb01952

    SHA512

    398444d4befe6816e7029d6df8637ba5ad2a3060012386c9d199249507cd160abc11f46b7257bd1f1c87178802dc66552d3b02d5bb3e4730f0c429451a111573

    Download Submit