Analysis

  • max time kernel
    142s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    26/07/2024, 08:53 UTC

General

  • Target

    735ec9e6040ad6140ef50b53718beb71_JaffaCakes118.exe

  • Size

    3.4MB

  • MD5

    735ec9e6040ad6140ef50b53718beb71

  • SHA1

    fe32546e75db6c1a1f7c56fdc214d8ae5c33abb0

  • SHA256

    d3c10cf66f63f505e86b29f4d5f67b703c7554b3fcae24497ebb3d5c3fe1556c

  • SHA512

    cc3ae7eca6b2565b7821bf4021db1f977186c3692bc7cdd05861e2db7add8f570edc37db1acd0a6b9393848aaf01e79abd21d8c4e5b2f3f64eaf19104d0b1c5f

  • SSDEEP

    98304:C967FvJLQYiyl/4UQofiAWoUwM7MZ4EjU5ANoeWPld:Cg7FvJQoiUQozUdQ4F5PeWtd

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\735ec9e6040ad6140ef50b53718beb71_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\735ec9e6040ad6140ef50b53718beb71_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:3036
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 3036 -s 144
      2⤵
      • Program crash
      PID:2212

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/3036-0-0x0000000000400000-0x0000000001A6B000-memory.dmp

    Filesize

    22.4MB

  • memory/3036-1-0x0000000000400000-0x0000000001A6B000-memory.dmp

    Filesize

    22.4MB
