Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
140s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
18/09/2024, 23:54
General
-
Target
ea3512912960e71ce5d9c26b9818e142_JaffaCakes118.dll
-
Size
28KB
-
MD5
ea3512912960e71ce5d9c26b9818e142
-
SHA1
4307f6b082bd7feef1feaa7e3726ca86dd39b506
-
SHA256
ec0c74e386224ac26d6b5b29ab1f9add46b7a1a21065df6e33bc55954a8e6cb5
-
SHA512
60bbcb01b7044d79fffcd034aad3a3e0fc487b5ec6843da928721bb99ba4aa0d0d7ff839fa58e3c58dca94b5185c0a0a4048411bec3187e499f662a9dfbe1314
-
SSDEEP
384:Qyuzmk3ySFy81TvV5OFz9X30WkOAYoMUd6ksBDEsTmT5J5AHF16LlAzLG:sM81TvV5EZ30WoHGEGHDx
Score
4/10
Malware Config
Signatures
-
Drops file in Windows directory 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\ea3512912960e71ce5d9c26b9818e142_JaffaCakes118.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\ea3512912960e71ce5d9c26b9818e142_JaffaCakes118.dll,#12⤵
- Drops file in Windows directory
- System Location Discovery: System Language Discovery
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
52KB
-
Filesize
52KB