Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

889c6095db...18.dll

windows7-x64

3

889c6095db...18.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    16s
  • max time network
    16s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    11/08/2024, 02:17 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    889c6095dbe66ceae5d631a1f7f2a8d4_JaffaCakes118.dll

  • Size

    14KB

  • MD5

    889c6095dbe66ceae5d631a1f7f2a8d4

  • SHA1

    ee8572b1578d8c34399f21a2300ab4bf0c2bd72d

  • SHA256

    6397701871065febba146b6b099f5884c8b0464bfaf9b3ef08002a4cb2ddca24

  • SHA512

    22323ce74f829a5772f1aabf6f8cf39ea747e3a6535ec7c1bb2f60e908bd8be192c8ccb914a6e46470ea8813009d13d2da71df4c638203d96d713c1181ddd411

  • SSDEEP

    192:v2WhKfUTXiqYT7F9UqL/+KdCM1/CyifwIh8ZFeFV+hxVQDJZd+kLdydpSN8:vdofU7bHq7QM1p68ZYYxVQlZhoX

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\889c6095dbe66ceae5d631a1f7f2a8d4_JaffaCakes118.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2112
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\889c6095dbe66ceae5d631a1f7f2a8d4_JaffaCakes118.dll,#1
      2⤵
      • System Location Discovery: System Language Discovery
      PID:1628

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.