Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

3de3c66127...18.exe

windows7-x64

7

3de3c66127...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    14/05/2024, 04:34 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3de3c661279730a6145234fc80a8ff95_JaffaCakes118.exe

  • Size

    8.9MB

  • MD5

    3de3c661279730a6145234fc80a8ff95

  • SHA1

    699bd18b48eda29c70066270988044ce173ceb3f

  • SHA256

    335c14850986f5b43481b1728e1ffe477be33281768362ff973a25095d748b27

  • SHA512

    ff1e884f7b49eda4450c134c4ad5276058c888a3063218f4e78345c7ac10cce09487ef4f5db67874156aac037ebb3d930ef0c6e2e4aabd797f11887a8e0c1047

  • SSDEEP

    196608:dlX+aFFgukY8Iw+5j3tpXr7e6DicueojSsmzRIPdes/F:dlrFFg7awYTzvMjNoRaQs/

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 14 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3de3c661279730a6145234fc80a8ff95_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3de3c661279730a6145234fc80a8ff95_JaffaCakes118.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2196
    • C:\Users\Admin\AppData\Local\Temp\3de3c661279730a6145234fc80a8ff95_JaffaCakes118.exe
      "C:\Users\Admin\AppData\Local\Temp\3de3c661279730a6145234fc80a8ff95_JaffaCakes118.exe"
      2⤵
      • Loads dropped DLL
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2596

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI21962\Die for Valhalla Setup.exe.manifest
    Filesize

    1KB

    MD5

    449ceb1af5d05451f65c7680f0e6aac0

    SHA1

    8dc710f7f2402d3a473105949647fb042544b783

    SHA256

    7c8a8afdddeacd6af819b8004ce5e8f5aa0195cba96539f6876673157149c186

    SHA512

    b7788b1e5279f033d9d93e4b848fce0601ef327450c7a5c787c84dc2cf0d2e3b1115e31cb48439f764c81fa4de0af35c5401fa507ea19415ce1843c646715de6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI21962\MSVCP90.dll
    Filesize

    557KB

    MD5

    dd90031fa3e7533626ca4b1f5c6f0114

    SHA1

    c075c9c0ffe6b901e1b0758d99463ed68cc4fc9d

    SHA256

    d338cc1a31226b4af905366d42fe54b96d6a54aa19ce68c66ff6151af47bedd1

    SHA512

    8154f978ae972ec362ff5bfb24b57216d986d15c0890274c0743b5eb76634de0ab226eecd183a745b8be4b1c8c45283210f4225374e8365527d2f4b70fb1e124

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI21962\python27.dll
    Filesize

    2.5MB

    MD5

    bda3ccd47d86473965f00e5fcf9857fd

    SHA1

    c45985b9ed5083117ceee1dd0823496f9d7189e4

    SHA256

    ad9038fc6bb13e15fb7794f56f7a57c790026221a402b88b49bf7e9f430f9927

    SHA512

    eadc5c3c6dc93dac3975324476ff498ef8b70b586630a2736fee69610fde686ffe09e90f8320c5f62587fcfa226c77f65b595370c67b4ab661442ac8a3df9591

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI21~1\Die for Valhalla.jpg
    Filesize

    556KB

    MD5

    a5e1354fd50b78b58d83c839e4abe879

    SHA1

    34e2d14ec61051e2cff2a75dba0a9484bcd29529

    SHA256

    80c83c0271c34380ff924abaeae3882a66978989d66314d27655ef6508184cc3

    SHA512

    0d6e20edd71cc11e2eb20f7ec869e07ad1af1573ae38412576a3b00a17123275808d6648625e6ea6769f067facd95865553456b1f2c95af58d80333e48b99258

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI21~1\bad.png
    Filesize

    940B

    MD5

    2ba096963e1c527a42a6e8d3597c05d6

    SHA1

    7248808fe866ad0db48e21f6b0a3a673738f7edd

    SHA256

    8e3434053274efe365df95bc33a3415e44076a95ab4065b994fbf08c8fd09544

    SHA512

    21bdd4858716416b85004c68f9c59a1c115155f35f72cbb5372b08847e9eb82c80e0ca1ac2f1d8210492df35e3758e7ee46fb10c8e214615d5897984cffc74d8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI21~1\eula.txt
    Filesize

    11KB

    MD5

    508d59b95631c297cfed06e2571a7dce

    SHA1

    db361302a99549757791bc9890512a8a117b5e0c

    SHA256

    51dfe967d8146ef9c9835d86ea11ff2a211f8d1b4523ca970b75d6a593a38543

    SHA512

    5285eb6dbf5e1b0c97d811556ea7792c39e7dd94cd366327e73c3ec4cb8cb613a36766a1d2eac786ce8535da99a8e692e5719fdb7a71256ad39170cd3e990a6d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI21~1\folder.png
    Filesize

    2KB

    MD5

    14d0fc80cab977c9dbd106c71d3df562

    SHA1

    5f3a4aa9c65d20eeb635bab56dd65007a34df319

    SHA256

    672bf4a66aa4782f620d1039d785d19fd019cd5f3346d802c1e05f7a9e585ef1

    SHA512

    1b54680c462cca5275b9d8d2d691c31f8772a9cd89f88ab4cb93aa7f40a2f6e0ec397b49dd9a93ca92f0fbe2cffe1fec45a25de3b68ed3085e619fb6376e390b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI21~1\installer.ico
    Filesize

    2KB

    MD5

    05b6d3e24446f730b3988afacee69d87

    SHA1

    9b4269b6350b6855f985c6042d98b8e8d9fd8d4f

    SHA256

    2a444d2cb01fdf213c55bb0dfbb089f4aa88168b493d85430bf0853a1cf60dfc

    SHA512

    7d912686d4749a01559d639babf6cef41480f46b6167f7769ebf043271b1c703155faf038ec47f88fddc34d5abaac20123db65d266f31aa1976efc8b00a753f9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI21~1\instd.jpeg
    Filesize

    15KB

    MD5

    e3b9de212012e2abc1fe8aa7320fca42

    SHA1

    65c58e1411a1909049c7f10a3b4895b04f9408d0

    SHA256

    59f88f7d2a2ebe37f70600631f72820d5d6a098113e03e9dc2c43c65d397c0e0

    SHA512

    77c2f4bb8572992d14125e6813e4fcd8576a5a3bcb7438889e07096163965331267dfc81f9b3a8d693ea1d9c60452e9923efa0f933a048611746187840181a73

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI21~1\ok.png
    Filesize

    938B

    MD5

    0e4a4d7a5a359cf6bbfd832ba0cbb027

    SHA1

    94c7e65c60e5cf833c233f0cadbf2372443dd2b9

    SHA256

    041a2fed8af4bb47dd38b03de9ab8dbe6bfdd6f438d9cd2f401b54adef9a929a

    SHA512

    1a97d4f381e7512b0e69305ad9b77885f67b8e14126b825f347f664530434aeed9b22bef61ee195c2789b81c2894372d4289b63276e0cbb4f9f6cfefa8159263

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI21~1\wx._controls_.pyd
    Filesize

    1.0MB

    MD5

    0db65f78cb8dcdc4ea61e771c72e952a

    SHA1

    8ab97a0ae7de5753df217975b277733ef7507569

    SHA256

    eb7263251f27e2cb998f5b22861198cd7456d00ba2ede5343fb24d2860e98ae7

    SHA512

    b091e697c0a4a458e38494303cf5df99bf1319c440a988e95ad5674ece44b64c7ca7c4e366d497dbfcd483ca16908e904467b5113ae60238cac7b8db6d465dde

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI21~1\wx._misc_.pyd
    Filesize

    716KB

    MD5

    0eea7ca8f5e69c2c84020c7f8dd1f364

    SHA1

    852d457563fab158c97ced7d366f669eca73df96

    SHA256

    4fc4c253c6814983ff4694fba2b692c470d3b39b7ef47c536b57aefb6c52794a

    SHA512

    1f64d461a5ed5cfb0cc8cd51fd08488ba48a0167d9957438b5e7a95106e7f402832530c8161c94e43ff578baa95fc932520066ded6297e6f99b1e1b971dc72ab

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI21~1\wx._windows_.pyd
    Filesize

    797KB

    MD5

    6b7489e7b9ca93d08fb5831b6fbb94c5

    SHA1

    0b99cca6dc02953f003135a2c95054c23783abfd

    SHA256

    9f2202be7329583186dd1dada398d2941c6a32f9b9b7239dbaf1543c2d30779f

    SHA512

    bd38241ce4b2caa48f9cc03b5f966e6d609b3cb711e475a649c77e543ec25d2722cc51ce3d587666fa3c0d45769c5840b1746425919991b22e7440b696a568ad

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI21~1\wxbase30u_net_vc90.dll
    Filesize

    151KB

    MD5

    8abeb0f85934df4329c145116ea1c7ac

    SHA1

    46fe23eb68e96ddfcf300d5ee586dd78fbab1ea7

    SHA256

    9f4253e3aa6ab8a2dcfd5813aa2d2883de4fc192f5a12ca25ae3d4dc44fae703

    SHA512

    462bd20a8d9baa3ba1ea62eb0ff1c2ff473aeca61b3df7a1e7fde1754ee89c412c2ba664b7ea211249edc5156cb9832768f306c9b4e50dbc3139822619e0d077

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI21~1\wxbase30u_vc90.dll
    Filesize

    1.9MB

    MD5

    e21cb912288e0ab5c8ece3abc2788149

    SHA1

    45becba9675bf3a085eaff8de8e03c0cd4921cc0

    SHA256

    4805f09366f2d8dd0586bf2367462a2d82be65b99aca712d257259a664714f2b

    SHA512

    012f493a9970632990daeca315ceb2685bafe8718e697040bf40b296e2820162226cdffa742d9daf277338c926e2333266ba0884561a5cbd76a396ec8f2ac14a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI21~1\wxmsw30u_adv_vc90.dll
    Filesize

    1.2MB

    MD5

    4bcd21ce5ec80e1666002f588439cafc

    SHA1

    16f5b22c80043b83136927bd77bd113535ffcb82

    SHA256

    5c2755f9b6f089605dec462460f31513db291b4fece39d21b5223a0cbe281425

    SHA512

    4756c4362f3c5f62843e7cfeb7d845f5a0ad6402995f1aff6d41c8719a70670833c8073949a894225c7b96b348b939a887bcd4c43855a7568505c02f1d3d28cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI21~1\wxmsw30u_core_vc90.dll
    Filesize

    4.6MB

    MD5

    f67b8b3f8fda00f501573e7c267aed26

    SHA1

    5d8329b32a49361d6cbcafcc44de86b182d5acc8

    SHA256

    8a3f95f4a9e2b9465be14f027349912c00681e0744b68ab80db0a009951a9db7

    SHA512

    0418c8395a658174e0215062d3b61f4cde64d1333f733c791cf10ac87a8f8cd56cf2dc8d0ba12da1cfa6edcd7262963910aa537818762159d1f7f3fd4db7ec52

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI21~1\wxmsw30u_html_vc90.dll
    Filesize

    587KB

    MD5

    54501be59fdb1a6b4f37eb2d9a7504d4

    SHA1

    2d3e97cb9806011258767f617d241620b2988db7

    SHA256

    df726bbefdc5efb78bea9cc79aa7b285584dfa74a6f97c17de08cfb642c5af46

    SHA512

    43d1937c3885d5344b4c67d7af9d7b0e379f757ef3ec64b1830e4a2dc90e28538a149ed402fbdd559cec7b024b484ec35926765d9b410d203b12b402f6047959

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI21962\msvcr90.dll
    Filesize

    638KB

    MD5

    b57aa4b9c02ab9cf14d59f56ae5c7557

    SHA1

    10e6e43c3283ad0cb5c95da84ad67324f2c36238

    SHA256

    38d822661affbbda0eaeac0715ec8eb91a5dcc2f41bbff4b5de5dee57f7d9e17

    SHA512

    b0838175024db2a62f1c0b2149fa390986c3aa7ea296f6419711a5a40b1da4ca2091586df530fbc90e72b1588197e7418bcba9f9821417d232b12d6c51d74436

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI21~1\_hashlib.pyd
    Filesize

    993KB

    MD5

    b1dbd52e5da083e5b5613a2b4c17a4ef

    SHA1

    0ed87f9e0b572f88e102739daab54db03fade416

    SHA256

    fa57bf3173f2d636984305401c06f1618b8119fea2c311d1173566ea236fa0c6

    SHA512

    dbe14802ff53e8fb9f35baa1c1bd0dc55c1073e0f96b59b5cc3783760e23c645cd453a39b2b4d0ab79ee871ba1cb81154a4cf5c54b67dde7ea14008d72dd2cae

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI21~1\wx._core_.pyd
    Filesize

    1.1MB

    MD5

    4b9820d3bd2e61fb921c0dde667bf513

    SHA1

    2ff2ce8d072eaef95c9c43fcad82615ba0f87865

    SHA256

    92ad1dcc58b8a6d7453d7cd3db046133963c2c5aa6045aa4506d14fe9a7c4765

    SHA512

    cccae0200d84543b5deac528727479f786142cc51dff590d9142ac53c851d8cf3a70c83637b7bc7ff2a4cebdd694b8f4fcc65cecaaa6b1d52f4364eb3123fa1d

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI21~1\wx._gdi_.pyd
    Filesize

    788KB

    MD5

    d12df306c261ef2cbfeeb429c6e2527e

    SHA1

    cc9a95ca1be16470a9476f80f0061109faed8e19

    SHA256

    6c12d4cc6f05674e029530e080b8c308a0436933563dc1eea9e9422c396f899d

    SHA512

    6d04c1c0472445b605e0b4a4d97bd8eb3ff0faec2c1e939ce6af5d10373cd7d407944c3fa3f181d20b954e6536846691912044485daeca6ae23d943404be3980

    Download Submit

  • memory/2196-77-0x0000000000400000-0x0000000000430000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2596-48-0x0000000002D70000-0x0000000003235000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/2596-61-0x0000000003450000-0x00000000034E6000-memory.dmp

    Filesize

    600KB

    Download

  • memory/2596-64-0x0000000003CF0000-0x0000000003DF9000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/2596-44-0x0000000000440000-0x0000000000469000-memory.dmp

    Filesize

    164KB

    Download

  • memory/2596-38-0x0000000002B70000-0x0000000002D67000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2596-51-0x0000000003240000-0x0000000003377000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/2596-67-0x0000000003E00000-0x0000000003EB7000-memory.dmp

    Filesize

    732KB

    Download

  • memory/2596-58-0x0000000003380000-0x000000000344C000-memory.dmp

    Filesize

    816KB

    Download

  • memory/2596-54-0x0000000002660000-0x0000000002729000-memory.dmp

    Filesize

    804KB

    Download

  • memory/2596-78-0x0000000000400000-0x0000000000430000-memory.dmp

    Filesize

    192KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.