Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    19/07/2024, 03:03

General

  • Target

    5a36f2f50cdb5156b02522f871f93210_JaffaCakes118.dll

  • Size

    237KB

  • MD5

    5a36f2f50cdb5156b02522f871f93210

  • SHA1

    d3682c98a0b915ac8aeb6c7f8e7b9d98a1b862f9

  • SHA256

    77f2649315b6105d946b08f4b4427d0c878ad8de28271d35084774ff99c44a04

  • SHA512

    0e3371dd8c6f0c1c5204229feb31288cf989d1ea6c17620174c3fbfaefd96edf318964c41d2ec1dd670a8d56781af2418389013891417b2bdfba414ef874dc9b

  • SSDEEP

    3072:8Z3kDzZeRaRFXpwb8TV/Hv4h3IHd0xphLQ2vUitSDbcTM4Iq2Dskiyil9t3G1t:W3kpesi8T9Md38FiYZwGh1t

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\5a36f2f50cdb5156b02522f871f93210_JaffaCakes118.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2416
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\5a36f2f50cdb5156b02522f871f93210_JaffaCakes118.dll,#1
      2⤵
        PID:2588

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads