Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    18/08/2024, 22:11

General

  • Target

    a86a86c9b70a5c289395cbaa3c64b40b_JaffaCakes118.exe

  • Size

    581KB

  • MD5

    a86a86c9b70a5c289395cbaa3c64b40b

  • SHA1

    54203acfd864d59e9eefbc4f4614b278272b2047

  • SHA256

    b08c4d9da53aa86239254b7d4bf7fe1d0053e7ec1f63f6134919b5c6f2936e9f

  • SHA512

    f76e6a83b80fa914b17a4bcefa3c538d4e3e388982b47f26cdc0cecf2f39832cc05b815fd466c2d01e4fc572826299e109e1023d839f87d3df11cdd3292efbcf

  • SSDEEP

    12288:gw80KZh/N1tyqvz4An6Se8jeS+ugQbSWFFNiVBPlmKsEad2B2slqclDDzy3CQ:gw80Kx1Aqvz4An6Se86KbbpFCPWn5slE

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory (2 IoCs)
  • System Location Discovery: System Language Discovery (1 TTP, 1 IoC)

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam (1 IoC)

Processes

  • C:\Users\Admin\AppData\Local\Temp\a86a86c9b70a5c289395cbaa3c64b40b_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\a86a86c9b70a5c289395cbaa3c64b40b_JaffaCakes118.exe"
    1⤵
    • Drops file in Windows directory
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2972

Network

MITRE ATT&CK Enterprise v15
