Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    06/09/2024, 21:16

General

  • Target

    d077eef49072bf4a7618545a153791e2_JaffaCakes118.exe

  • Size

    42KB

  • MD5

    d077eef49072bf4a7618545a153791e2

  • SHA1

    8abad062ff12aeb055424f1baabc6c5a3f1a5093

  • SHA256

    81ef21ca9f5e28aad9df738479ce2859a85391b8c90adbf24dba5075c0721fe9

  • SHA512

    fa2d41c2f40bf75388a340e14f4553d1b90f2eec998ff7f1b7ae68e1c278fed8eaabd3ee61dd01086b173ded00e9e816e98f0e6f63968cb72bb2ca4200c2a9f2

  • SSDEEP

    768:zwKizvwRHliuMDupzrCXu0kXgJEjVYHnsJDIDoUWkxDoZo85/A7uv8BuLGThhGcw:zKzvwtliuMAXCXxkXgJCVYHnsJooUWkX

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 6 IoCs
  • Suspicious use of WriteProcessMemory 1 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:1152
      • C:\Users\Admin\AppData\Local\Temp\d077eef49072bf4a7618545a153791e2_JaffaCakes118.exe
        "C:\Users\Admin\AppData\Local\Temp\d077eef49072bf4a7618545a153791e2_JaffaCakes118.exe"
        2⤵
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of AdjustPrivilegeToken
        • Suspicious use of WriteProcessMemory
        PID:236

Network

MITRE ATT&CK Matrix

Downloads

  • memory/236-0-0x0000000000400000-0x0000000000412000-memory.dmp

    Filesize

    72KB

  • memory/236-2-0x0000000000400000-0x0000000000412000-memory.dmp

    Filesize

    72KB

  • memory/1152-1-0x0000000002E80000-0x0000000002E87000-memory.dmp

    Filesize

    28KB