Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

bdce82b467...18.exe

windows7-x64

3

bdce82b467...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    141s
  • max time network
    125s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24/08/2024, 02:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bdce82b4679e8490e8c59b9f7a8e8786_JaffaCakes118.exe

  • Size

    30KB

  • MD5

    bdce82b4679e8490e8c59b9f7a8e8786

  • SHA1

    5243e5fe6b575669645e15362ac244a2b1927186

  • SHA256

    cae1fca74a4d9fd78bd8176a4f162b642eb3260eb3f29aa9f061ba21c91d6195

  • SHA512

    97476f52a4ab99791c87573c2a5396c6a2a93b3575616a1f1bbe2a767e7e37d1ed79efd9d8b4a00ceab06dfd0ba4f41ca90c7a097f30af2f6c51660f734b5a2a

  • SSDEEP

    24:eFGSxvjxeD0Z7IGmB2P7Jijhndpq5vvOBVeEljd6QBe35Vo78kcNK47:ixvdUtG7kjDu2BhD6QBeno78kKD

Score
3/10
discovery

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\bdce82b4679e8490e8c59b9f7a8e8786_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\bdce82b4679e8490e8c59b9f7a8e8786_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:4968
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 4968 -s 224
      2⤵
      • Program crash
      PID:2708
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4968 -ip 4968
    1⤵
      PID:4592

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads