Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

95ccd8cf6d...18.exe

windows7-x64

3

95ccd8cf6d...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    140s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    14/08/2024, 10:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    95ccd8cf6da6f6a36f6e09587b09eb9c_JaffaCakes118.exe

  • Size

    505KB

  • MD5

    95ccd8cf6da6f6a36f6e09587b09eb9c

  • SHA1

    91278c9d40acdb3885ae8dac377ca7d4c8e3c2f0

  • SHA256

    1a3eb48bfd5b732e82ce0b614391a0ef3db6727122f293d44de1640feb43aba8

  • SHA512

    acce1054539c25a38f970193e6519c7e5f4e14309ac9e367e1328d605836ad6f88dfa668b1dd8c13a0587186af1d6af9c5af786505bb3a99697734cca67ad74c

  • SSDEEP

    12288:GDjwFOYAF6VTiJPiBCLlMH5Oo7Dd/Ik35j0O0n0dBhn+e:WWOPFQTicBCLlMH5b7D1IE5jPjn+e

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Modifies registry class 10 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\95ccd8cf6da6f6a36f6e09587b09eb9c_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\95ccd8cf6da6f6a36f6e09587b09eb9c_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Modifies Internet Explorer settings
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:2160

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\dat145B.tmp
    Filesize

    17KB

    MD5

    d31ff214e2bbecb13441a3e2fe0dd55d

    SHA1

    bb877eaf5077b9fb96fff8e759f556014bb23f58

    SHA256

    36a8948521dcc7b11775f6f824f1bc329bcb9d905f12937c2bb5a90ddd1bc406

    SHA512

    bea334a35a28a835362f94ffe153066f663ac3adf71383cea8fdaab24ffc29b0010e03f91edac7e0b149ad886dc5a2e8f48baca56bb667a887696fd95ff23c2d

    Download Submit

  • memory/2160-0-0x0000000000300000-0x0000000000301000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2160-97-0x0000000000400000-0x00000000004A0000-memory.dmp

    Filesize

    640KB

    Download

  • memory/2160-99-0x0000000000300000-0x0000000000301000-memory.dmp

    Filesize

    4KB

    Download