Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

d34f7280b2...18.exe

windows7-x64

7

d34f7280b2...18.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

CoCode.dll

windows7-x64

3

CoCode.dll

windows10-2004-x64

3

SDL.dll

windows7-x64

3

SDL.dll

windows10-2004-x64

3

SsmpVlogLayerComm.dll

windows7-x64

3

SsmpVlogLayerComm.dll

windows10-2004-x64

3

UFDeMux.dll

windows7-x64

3

UFDeMux.dll

windows10-2004-x64

3

UFSource.dll

windows7-x64

3

UFSource.dll

windows10-2004-x64

3

UPnPNat.dll

windows7-x64

3

UPnPNat.dll

windows10-2004-x64

3

UUPlayer.exe

windows7-x64

3

UUPlayer.exe

windows10-2004-x64

3

UUPlayer.dll

windows7-x64

3

UUPlayer.dll

windows10-2004-x64

3

UUSeeMediaCenter.exe

windows7-x64

4

UUSeeMediaCenter.exe

windows10-2004-x64

4

UUUpgrade.exe

windows7-x64

3

UUUpgrade.exe

windows10-2004-x64

3

UUUpgrade.dll

windows7-x64

3

UUUpgrade.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    93s
  • max time network
    124s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/09/2024, 02:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d34f7280b2130f75e72f9af59808931c_JaffaCakes118.exe

  • Size

    2.7MB

  • MD5

    d34f7280b2130f75e72f9af59808931c

  • SHA1

    d6fff30e102faea23f1d45ad895441f53d6357dc

  • SHA256

    c01c0bce2f0088ebdd2f006b207ab1a2e033c455c59fc21b4e8bffcd2fd20077

  • SHA512

    49c76c033ab3a04bf0bdd777a22b97e9aafb84ab15659315e6866d3f06cf331d4ebf4430059378b0c3734c4310e74bad84c01ee67ee82a2c69099ea2707be705

  • SSDEEP

    49152:f1xQ/z82YosJOvA3Mdr96tdzLMKxAyg9hrM/lh6tsVoI:36o3osV3MZ96npun9ZiPAnI

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\d34f7280b2130f75e72f9af59808931c_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\d34f7280b2130f75e72f9af59808931c_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    PID:1536

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsi8185.tmp\InstallOptions.dll
    Filesize

    12KB

    MD5

    3c19f79ce11facc2fc4d3351dbb263e0

    SHA1

    17f4bf4b18ea7700f70ac7d825dc997be0d25f71

    SHA256

    cfaba712ad640ce2b4890005ffcf03ed9e2a18a6cf9075295f3aaea1478896b9

    SHA512

    05c9ac861e4fed610171fcb5fad40abc30cbf90e9c7cb13c758f52cdff568af0fdd6af968db4fb143a748c77f21c353c7cffea28cbcbd2ad17157038ab490273

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsi8185.tmp\ioSpecial.ini
    Filesize

    633B

    MD5

    3020cdff447d5e8edf40867267940b02

    SHA1

    2b7faebb86944d9dc9eabdc3212cf7abe7a2904a

    SHA256

    3586afeffce42681944a0964406e45aa58110f6fa358f764bcc9a935ad9dc058

    SHA512

    ea8581dfb7af2bf73683dda34aca14cbf57f4a8355be2de5f4916676d4675ec5099c24d730858106f43f400a3d74babc56f72c36017ae8d17fd5f6787d368b12

    Download Submit