Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

7770882bf3...18.exe

windows7-x64

7

7770882bf3...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    27/07/2024, 07:55 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7770882bf3ec21cc07360e3e850d1d22_JaffaCakes118.exe

  • Size

    2.0MB

  • MD5

    7770882bf3ec21cc07360e3e850d1d22

  • SHA1

    5dca9d40e24d2b6816a81fdbb43d95b7355f5c3b

  • SHA256

    451c802c5ba36d44f94d41bb73f5d2f10b07c8410d0c9be91ce97020c9f80ccf

  • SHA512

    4ab0a16258d3a53065135699cc598f8b4ab97a7aa2a8b73b00e3fbd4751208380fc0b2d25c11a7181630b1644610f997d0825fcfc44bd9e53eb489a763087ad7

  • SSDEEP

    49152:hSVADMIEQAeXBi70tIIDMIEQAevrI5GZS/ZoE71LGc2eC6JI/Cfnc:hS+fAXYmYfACs5GZAVETeDI/Cvc

Score
7/10
discoveryupx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • AutoIT Executable 1 IoCs

    AutoIT scripts compiled to PE executables.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\7770882bf3ec21cc07360e3e850d1d22_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\7770882bf3ec21cc07360e3e850d1d22_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:1288

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1288-0-0x0000000000400000-0x00000000004C1000-memory.dmp

    Filesize

    772KB

    Download

  • memory/1288-1-0x0000000000400000-0x00000000004C1000-memory.dmp

    Filesize

    772KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.