Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

5c1a0bedf7...18.exe

windows7-x64

1

5c1a0bedf7...18.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    93s
  • max time network
    125s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/07/2024, 13:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5c1a0bedf7ce89de12654fc2b36467fc_JaffaCakes118.exe

  • Size

    631KB

  • MD5

    5c1a0bedf7ce89de12654fc2b36467fc

  • SHA1

    dc18b79f797778f304c843c113bc96ad23c55225

  • SHA256

    fb39a2aaf9f7d7715dbd2dc5bd5792bf5a9c959649ebb2c263c271cd80edfb4e

  • SHA512

    1b173917cf03ea264c30866f11f177b18603ae1b3146bd1e379841e160bbb4b077d93b0483b4177c9c67866c6624d8e4483266c599af74e2aecaec435c52dd06

  • SSDEEP

    12288:gNoFmw6FvnRuzg/axX7JY+eSUSuuFi4A547+8pVpDckHxYfptU:gNlw8vnRuzg/axLJY+cSJFi4ACy8pVpj

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5c1a0bedf7ce89de12654fc2b36467fc_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\5c1a0bedf7ce89de12654fc2b36467fc_JaffaCakes118.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:1588

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\offconfig.temp
    Filesize

    576B

    MD5

    b48fb6751d2e42116ebe7eb26b008697

    SHA1

    49c4649ae87ea0ca628e267f7ff58fc398c91f6e

    SHA256

    975a38c75debfdb30d8259227b8500c3345f7ceccc6da3225cb052e621af11f4

    SHA512

    34872c49cff8343db98de462427bb3fc8391deea47741e0ea87dd310007810e915be4099f27450dc437afcdc2c0b9d8d02b31b144304ce4db999a4a3b96fbc79

    Download Submit