Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240729-en locale:en-us os:windows7-x64 system
  • submitted
    29/09/2024, 04:02

General

  • Target

    fdc24ec29ab1c3a89e157e14c8f39cb0_JaffaCakes118.exe

  • Size

    478KB

  • MD5

    fdc24ec29ab1c3a89e157e14c8f39cb0

  • SHA1

    3ef7085a4eee6c821728678abbbffaa9f2b4229c

  • SHA256

    ddd6d21ff30757a71cfcc777588f0115ee838f66bf204537242fb372d65da35f

  • SHA512

    23e7e0dbcbdb9b0b81923d2386ac38679218c4479a085afce5095d71f202891ffba664b94d3a9afff1195cc87932bd6ed9701155450aaf646fda3e6bf2701a6f

  • SSDEEP

    6144:0pOKkhm2HV1fmPbA8iY43nDnoEB02oWYsLxlH1CMX/D751LmZXds54p2G+gF7QBM:eGP3nDnPBAuxlVtD751eppMBQ9+NS

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\fdc24ec29ab1c3a89e157e14c8f39cb0_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\fdc24ec29ab1c3a89e157e14c8f39cb0_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:2124

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/2124-1-0x0000000000401000-0x000000000044E000-memory.dmp

    Filesize

    308KB

  • memory/2124-0-0x0000000000400000-0x000000000047E000-memory.dmp

    Filesize

    504KB