Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
121s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
24/07/2024, 01:12
General
-
Target
69b31e02640914908ec665af328039de_JaffaCakes118.dll
-
Size
71KB
-
MD5
69b31e02640914908ec665af328039de
-
SHA1
41fceb7d267d479387d4467a02dfd7d83257001a
-
SHA256
0d22e302c74b594cf1bd0352f1229fb2c6d0304b0a37b1fb73583a9752bb76c8
-
SHA512
f70a8c4a1fd7d8703b6c2bcdc5fdbcb1158627be9ea72631060d54268ee23f29d5cd36fb24f0b77f522fcc950e25b193aa6531e757545ae21b253fd8ae7816fb
-
SSDEEP
1536:Q9BNSwDTg7ihEBla56go0Gffe9dDrs2gjKC8XzDQ1nDmBSh:Q9BNSuguhms5FVdDrNgTIfcD1h
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\69b31e02640914908ec665af328039de_JaffaCakes118.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\69b31e02640914908ec665af328039de_JaffaCakes118.dll,#12⤵
- System Location Discovery: System Language Discovery
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB
-
Filesize
52KB