Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8

c7a10c92e9...18.exe

windows7-x64

7

c7a10c92e9...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

CORE_RL_bzlib_.dll

windows7-x64

3

CORE_RL_bzlib_.dll

windows10-2004-x64

3

CORE_RL_glib_.dll

windows7-x64

3

CORE_RL_glib_.dll

windows10-2004-x64

3

CORE_RL_lcms_.dll

windows7-x64

3

CORE_RL_lcms_.dll

windows10-2004-x64

3

CORE_RL_lqr_.dll

windows7-x64

3

CORE_RL_lqr_.dll

windows10-2004-x64

3

CORE_RL_magick_.dll

windows7-x64

3

CORE_RL_magick_.dll

windows10-2004-x64

3

CORE_RL_ttf_.dll

windows7-x64

3

CORE_RL_ttf_.dll

windows10-2004-x64

3

CORE_RL_wand_.dll

windows7-x64

3

CORE_RL_wand_.dll

windows10-2004-x64

3

CORE_RL_zlib_.dll

windows7-x64

3

CORE_RL_zlib_.dll

windows10-2004-x64

3

glib-2.dll

windows7-x64

3

glib-2.dll

windows10-2004-x64

3

gmodule-2.dll

windows7-x64

3

gmodule-2.dll

windows10-2004-x64

3

icudt56.dll

windows7-x64

1

icudt56.dll

windows10-2004-x64

1

icuin56.dll

windows7-x64

3

icuin56.dll

windows10-2004-x64

3

icuio56.dll

windows7-x64

3

icuio56.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    159s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/08/2024, 20:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c7a10c92e93cb847bac8537977071600_JaffaCakes118.exe

  • Size

    15.5MB

  • MD5

    c7a10c92e93cb847bac8537977071600

  • SHA1

    5b5a206bef5d16c7b3542be809cf7b5ec2b18067

  • SHA256

    aa63d723e0fde39bd468725d9ab31e22fded6f389399dc31f1ccf8bf87bee110

  • SHA512

    205a14d9b8f1b3cb336337cc783e3416700a781806971aef9d6aec804f054cdf32880fde402f0631b8ee3019320d76d8a05fc7f8068c5402ed0c3e4fe3b25abf

  • SSDEEP

    393216:A+r+bygmIDk8Ed+D+U6IfWgflcNTTBu+9C6ubw4WOzC7vR+pR:A+r++RIDk7DrIfWQlUMbwAq8R

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 4 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\c7a10c92e93cb847bac8537977071600_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\c7a10c92e93cb847bac8537977071600_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    PID:2612

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nse77C2.tmp\InstallOptions.dll
    Filesize

    14KB

    MD5

    046074d285897c008499f7f3ad5be114

    SHA1

    159040d616a056ee3498ec86debab58ef5036a55

    SHA256

    254c5ccbce59ad882f7f51d0bf760cabde8c88c5af84e13cc8ad77ba0361055c

    SHA512

    ab7436fda44e340dd5909ddec809c6b569a90d888529ef9320375e1aae7af85afcab8c1c1618551d3fe8d6ae727f7dca97aa8781b5555da759d501d2ccd749e1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nse77C2.tmp\System.dll
    Filesize

    10KB

    MD5

    0ff5120f1afd0f295c2baa0f7192d3f8

    SHA1

    bde842d5d11005dcb4ff1d4ea97da31865477697

    SHA256

    4ca5bf1beb4b802914c4d3e2f37861f6ba5ecf969cfeadf5855edf58f647a721

    SHA512

    e049ffd7aace8d136eee007ee4f8dbc2ae8f3dce79d1c633d9654392240f8215787df8a6d08085257db51f28ff2a8023a13333dda3ea7f9bdc8b9c57b605f0a0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nse77C2.tmp\ioSpecial.ini
    Filesize

    732B

    MD5

    8e8e7ca2c9ae5d84a2d60c17eee927cd

    SHA1

    12df6c6c5974b00734bace9259089bc41e5c2187

    SHA256

    a408975d7876e29652c3ba63ef5f9d1177104ce8ece8240c574de96218d4818c

    SHA512

    c5f5c1ef265783bb069287ead301dadde54b96f9c24ee3ce914689c6744d5a2f9ad41bd7a52e019203b0de1249fc6949ac014b18f350c9235ad85c98d24d6441

    Download Submit