Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

de2375cdac...18.exe

windows7-x64

7

de2375cdac...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    95s
  • max time network
    102s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/09/2024, 09:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    de2375cdac81186fe214399e3e59c1d1_JaffaCakes118.exe

  • Size

    1.6MB

  • MD5

    de2375cdac81186fe214399e3e59c1d1

  • SHA1

    96e2d246922f4754ec1e76e757f21ea4b288e667

  • SHA256

    0e7a4317ffe87e9a35d9c550558b23c794c19fe46810f2d5f8d4b35d5b9991a8

  • SHA512

    59a839124c686ec1b8c668bee470b5925258642cfc3e2e4dfbddf473006887e1734a22369e09a3d8184af35f4e647d47f28fd053fd7e2f42064394866b4b651d

  • SSDEEP

    24576:lpi6eMDSwaeH8wpZ1FGgmfOCa+uRgiNOnfD3RgUOscZXI:lpowaeH8+Z1pmfOj9o73RgUOF2

Score
7/10
discoveryupx

Malware Config

Signatures

  • UPX packed file 8 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in System32 directory 64 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 64 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\de2375cdac81186fe214399e3e59c1d1_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\de2375cdac81186fe214399e3e59c1d1_JaffaCakes118.exe"
    1⤵
    • Drops file in System32 directory
    • Drops file in Program Files directory
    • Drops file in Windows directory
    • System Location Discovery: System Language Discovery
    PID:3764

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\7-Zip\7z.exe-
    Filesize

    2.2MB

    MD5

    901b41fcb245b66b9144191952aa339f

    SHA1

    7d643803455433f5531a19570222bb0d21f86669

    SHA256

    c6c75c3c3b33371789edfccb2b0d9484c46211682e61c547ceedf38f023a24aa

    SHA512

    d8ce149d4bb38905f31cce9ecdaefce03b80f5fd9a4fb211bc9396cb72362f17b11644452d36140556a1c86d6a9edff2216d7e689c0e4343c42c3e524a2ea269

    Download Submit

  • memory/3764-0-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/3764-1576-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/3764-1575-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/3764-4013-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/3764-4245-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/3764-4246-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/3764-4251-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download