Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

5da51036fe...18.exe

windows7-x64

6

5da51036fe...18.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    148s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    19/07/2024, 20:59 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5da51036fefdf4c7f7db390a094de4e6_JaffaCakes118.exe

  • Size

    108KB

  • MD5

    5da51036fefdf4c7f7db390a094de4e6

  • SHA1

    02640523045d913daf711ee8431aaf0b4c5dbb74

  • SHA256

    6b214ed5011ddf2c53821a9a3d11cfffabbb9c376952131a0dc4f73d463761d4

  • SHA512

    c7967c23db2315c7797c11a20fbf87fe62f7401e372db1aade971e0d5b035eee819f613fe92c126b621386155584ace61a26c15e09008e6ea53bd97d75922e25

  • SSDEEP

    768:y4I9Rgzqn4N8+p1KQqZ8hU07dFzMd24MUlX8HUaD4AMenvHRNjcZPAhT8Hl67bdS:yPRsFx4MBHgFAhQFCdaG40TYPmhbm

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 3 IoCs
    persistence
  • Enumerates connected drives 3 TTPs 21 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Drops autorun.inf file 1 TTPs 4 IoCs

    Malware can abuse Windows Autorun to spread further via attached volumes.

  • Drops file in Windows directory 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5da51036fefdf4c7f7db390a094de4e6_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\5da51036fefdf4c7f7db390a094de4e6_JaffaCakes118.exe"
    1⤵
    • Adds Run key to start application
    • Enumerates connected drives
    • Drops autorun.inf file
    • Drops file in Windows directory
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1188

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\AdobeRd9.0.exe
    Filesize

    108KB

    MD5

    5da51036fefdf4c7f7db390a094de4e6

    SHA1

    02640523045d913daf711ee8431aaf0b4c5dbb74

    SHA256

    6b214ed5011ddf2c53821a9a3d11cfffabbb9c376952131a0dc4f73d463761d4

    SHA512

    c7967c23db2315c7797c11a20fbf87fe62f7401e372db1aade971e0d5b035eee819f613fe92c126b621386155584ace61a26c15e09008e6ea53bd97d75922e25

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.