Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

408612b5f3...18.dll

windows7-x64

3

408612b5f3...18.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13/10/2024, 15:02 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    408612b5f366aea3920bd32a17832829_JaffaCakes118.dll

  • Size

    45KB

  • MD5

    408612b5f366aea3920bd32a17832829

  • SHA1

    9e940fd5609cb8956a664949d9e086c05a1a66e6

  • SHA256

    d6d1e1365c106dd130c31780714f6cf957b73101cf6ab610aec50a2a631d3203

  • SHA512

    edeb58ea3e2071121b2abf4fe34a689560154b72cc7555917c14bc7df4800b1f62ec703d4da307f7e664615feddd30a69a8e9a38fc844447cbeed4a61e7ed070

  • SSDEEP

    768:w5MP2cQbNSB/igyClWYQyKVkSqsgW398J0kdYjqpheXo9s:w5M+cQRk/inCAnVk2gC985/io

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\408612b5f366aea3920bd32a17832829_JaffaCakes118.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2672
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\408612b5f366aea3920bd32a17832829_JaffaCakes118.dll,#1
      2⤵
      • System Location Discovery: System Language Discovery
      PID:2716

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2716-0-0x0000000000180000-0x0000000000181000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2716-1-0x0000000000510000-0x00000000005E6000-memory.dmp

    Filesize

    856KB

    Download

  • memory/2716-2-0x0000000000510000-0x00000000005E6000-memory.dmp

    Filesize

    856KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.