Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    07/09/2024, 11:49

General

  • Target

    d1dd5311cf63a16c5041b4f495e15044_JaffaCakes118.exe

  • Size

    443KB

  • MD5

    d1dd5311cf63a16c5041b4f495e15044

  • SHA1

    984d011ba18eec2fd34367ac770ea10dde574e51

  • SHA256

    41fede371f902185e2ad1e00eb4e2780fd79572af19c9c64e6d9bfea9e2ae565

  • SHA512

    f971e8bbd1b7e6d3866367e7a27cc380ce342e44dc290ed954f884f83972d78741e02e50be0b4b4537b45c193f07904e7e2e3a9246880999b7ce4142f8ce148d

  • SSDEEP

    12288:kaTgnMvVi60EBSSe1JElXR64kJX4qy5Z:ksgMvViTkS11JErpkJX4qA

Score
10/10

Malware Config

Signatures

  • GCleaner

    GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

  • UPX packed file (1 IoCs)

    Detects executables packed with UPX/modified UPX open source packer.

Processes

  • C:\Users\Admin\AppData\Local\Temp\d1dd5311cf63a16c5041b4f495e15044_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\d1dd5311cf63a16c5041b4f495e15044_JaffaCakes118.exe"
    PID: 2308

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2308-0-0x0000000000400000-0x00000000007E6000-memory.dmp
    Filesize: 3.9MB
  • memory/2308-2-0x0000000000860000-0x0000000000960000-memory.dmp
    Filesize: 1024KB
  • memory/2308-3-0x0000000000400000-0x000000000047B000-memory.dmp
    Filesize: 492KB
  • memory/2308-7-0x0000000000860000-0x0000000000960000-memory.dmp
    Filesize: 1024KB
  • memory/2308-6-0x0000000000400000-0x000000000047B000-memory.dmp
    Filesize: 492KB
  • memory/2308-5-0x0000000000400000-0x00000000007E6000-memory.dmp
    Filesize: 3.9MB