Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

e760d9b22a...18.exe

windows7-x64

7

e760d9b22a...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    144s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240319-en
  • resource tags

    arch:x64arch:x86image:win7-20240319-enlocale:en-usos:windows7-x64system
  • submitted
    08/04/2024, 11:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e760d9b22a18d4d1a60bca43adeb7b67_JaffaCakes118.exe

  • Size

    586KB

  • MD5

    e760d9b22a18d4d1a60bca43adeb7b67

  • SHA1

    5a92dc9012402adaeb858583bd1ce535e5a424a7

  • SHA256

    130fa1c54405ffd54f83ccb8e95a67a4a190a784802a80635d09e8a338eab77a

  • SHA512

    f8fc1eed46df8484149e74089f48d1b47bfb9ebdef489756960cf0a1c518d4f3c2cb60aa9d5fc4b5d1e074f4b94a56fe03bfada2fa53cb7756fa4e405609079b

  • SSDEEP

    12288:JRCPOgBpF5PKvWqh09pEkF3Z4mxxVoLZGx5Yejd:/CNSThEQmXVoFw5Y8

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in System32 directory 1 IoCs
  • Drops file in Windows directory 2 IoCs
  • Modifies data under HKEY_USERS 33 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e760d9b22a18d4d1a60bca43adeb7b67_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\e760d9b22a18d4d1a60bca43adeb7b67_JaffaCakes118.exe"
    1⤵
    • Drops file in Windows directory
    PID:1980
  • C:\Windows\Internat Explorer.exe
    "C:\Windows\Internat Explorer.exe"
    1⤵
    • Executes dropped EXE
    • Drops file in System32 directory
    • Modifies data under HKEY_USERS
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of WriteProcessMemory
    PID:2616
    • C:\Program Files\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files\Internet Explorer\IEXPLORE.EXE"
      2⤵
        PID:2684

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Windows\Internat Explorer.exe
      Filesize

      586KB

      MD5

      e760d9b22a18d4d1a60bca43adeb7b67

      SHA1

      5a92dc9012402adaeb858583bd1ce535e5a424a7

      SHA256

      130fa1c54405ffd54f83ccb8e95a67a4a190a784802a80635d09e8a338eab77a

      SHA512

      f8fc1eed46df8484149e74089f48d1b47bfb9ebdef489756960cf0a1c518d4f3c2cb60aa9d5fc4b5d1e074f4b94a56fe03bfada2fa53cb7756fa4e405609079b

      Download Submit

    • memory/1980-0-0x0000000000400000-0x000000000054A000-memory.dmp

      Filesize

      1.3MB

      Download

    • memory/1980-1-0x0000000001CF0000-0x0000000001D44000-memory.dmp

      Filesize

      336KB

      Download

    • memory/1980-3-0x0000000001F30000-0x0000000001F31000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1980-4-0x0000000001F80000-0x0000000001F81000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1980-5-0x0000000001F10000-0x0000000001F11000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1980-2-0x0000000001F50000-0x0000000001F51000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1980-6-0x0000000001F00000-0x0000000001F01000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1980-10-0x0000000001F20000-0x0000000001F21000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1980-9-0x0000000001F90000-0x0000000001F91000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1980-8-0x0000000001F60000-0x0000000001F61000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1980-7-0x0000000001F70000-0x0000000001F71000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1980-11-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-14-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-15-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-16-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-17-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-18-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-19-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-20-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-21-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-22-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-23-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-24-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-25-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-26-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-27-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-28-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-29-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-30-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-31-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-32-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-33-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-34-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-35-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-37-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-38-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-39-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-40-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-41-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-42-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-43-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-45-0x0000000000400000-0x000000000054A000-memory.dmp

      Filesize

      1.3MB

      Download

    • memory/1980-46-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1980-47-0x0000000001CF0000-0x0000000001D44000-memory.dmp

      Filesize

      336KB

      Download

    • memory/1980-48-0x00000000032D0000-0x00000000033D0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2616-49-0x0000000000330000-0x0000000000384000-memory.dmp

      Filesize

      336KB

      Download

    • memory/2616-50-0x00000000031B0000-0x00000000032B0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2616-51-0x00000000031B0000-0x00000000032B0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2616-52-0x00000000031B0000-0x00000000032B0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2616-53-0x00000000031B0000-0x00000000032B0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2616-54-0x00000000031B0000-0x00000000032B0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2616-55-0x00000000031B0000-0x00000000032B0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2616-56-0x00000000031B0000-0x00000000032B0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2616-57-0x00000000031B0000-0x00000000032B0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2616-58-0x00000000031B0000-0x00000000032B0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2616-59-0x00000000031B0000-0x00000000032B0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2616-60-0x00000000031B0000-0x00000000032B0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2616-61-0x00000000031B0000-0x00000000032B0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2616-62-0x00000000031B0000-0x00000000032B0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2616-63-0x00000000031B0000-0x00000000032B0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2616-64-0x00000000031B0000-0x00000000032B0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2616-65-0x00000000031B0000-0x00000000032B0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2616-66-0x00000000031B0000-0x00000000032B0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2616-67-0x00000000031B0000-0x00000000032B0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2616-68-0x00000000031B0000-0x00000000032B0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2616-116-0x0000000000400000-0x000000000054A000-memory.dmp

      Filesize

      1.3MB

      Download