Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

0ebf51ae27...18.exe

windows7-x64

3

0ebf51ae27...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    141s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    03/10/2024, 08:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0ebf51ae27ab7802c9283f3b0c674fc4_JaffaCakes118.exe

  • Size

    7.6MB

  • MD5

    0ebf51ae27ab7802c9283f3b0c674fc4

  • SHA1

    3dc8f6ff564b01e94f566ef368f4dc55a4657d8f

  • SHA256

    aaf5ad971761f0837b047c0d7ca0468195923b21fc58b26b1f2103be74f630fc

  • SHA512

    7bd9bdf17d4c22d898eb1f9183791cbb44a796c5073c00e5c7e9c4bae30147ebd1efe7a97bf601eb95f29274a1272fa1eea262b993f8a3d505a6789982562de7

  • SSDEEP

    24576:QGSpbxxtMdLA4slatBYSEXD7u+nR3xjJQr+wdnVHqz7OFTOjkp3ys5SCThvGLMT9:DySq7u+nR3xenVHqATOjkpDSaeC49+

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\0ebf51ae27ab7802c9283f3b0c674fc4_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\0ebf51ae27ab7802c9283f3b0c674fc4_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:1928

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1928-0-0x0000000000230000-0x0000000000231000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1928-2-0x0000000000230000-0x0000000000231000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1928-1-0x0000000000400000-0x0000000000682000-memory.dmp

    Filesize

    2.5MB

    Download