Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

3

0bdb420c8f...18.exe

windows7-x64

4

0bdb420c8f...18.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    119s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    25/06/2024, 01:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0bdb420c8fcfa31ed3e10add28e83b96_JaffaCakes118.exe

  • Size

    774KB

  • MD5

    0bdb420c8fcfa31ed3e10add28e83b96

  • SHA1

    caac4052dcf20d48bf0f9a6ba902b528a0035da0

  • SHA256

    41db728b77d8001b8e400860c25c080347fdbcdc5ca5e49b1ac7a7e7c9f37a48

  • SHA512

    39e8d2e92ff950dcc67315743c3f72d63c4f15458700b30115089cecf5c988ab22379e95440324c44e3862006b478bbb9b9e030985152255192ef98b6f494f5d

  • SSDEEP

    24576:bF8usEsGBrTfliQNGii3owEdfMp6pkJmDU+K6W:bt5VTflJGVowEdrwmD/

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 1 IoCs
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Modifies registry class 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 11 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0bdb420c8fcfa31ed3e10add28e83b96_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\0bdb420c8fcfa31ed3e10add28e83b96_JaffaCakes118.exe"
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1096
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.oo7.cccpan.com/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2112
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2112 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2564

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9fc213877ebea2928b0a91c992c79f2b

    SHA1

    a549d32ca6540d803511b284a069537792dcd193

    SHA256

    d68c5b883a7d9d785210e5997b60f003830110548e5d1445d442ef7739f044f9

    SHA512

    3a55dbffbe347183ee146cb650b95de3ce25b069c9afdd7b19ba5f3fa5e68b7a88dbf7ceba60935e6e3d4795845b4951660055f47872951085e7c11eb2e39722

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a398e5586878c3a64620b99a895cf02d

    SHA1

    28eabdeee4d6077ae0e3163c14bede1989777d83

    SHA256

    800cfc8a9460a109c1b5e5d1b84d0d0fc2904cd5a12dfecd648e5e9b8018ce76

    SHA512

    c7d6723c62da9b224bb815685cca737fd0a11aba283494cc46f6d9a7ffaf21d477ba81ab4b8b0c88fbc754efa69e7f5d4f9221dd1f6d49044e74ab0ace9df480

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6cda880e0aa1d7284ae3fd89d7c59a43

    SHA1

    2689b15a3b63a0590901939478fbe4c9814324f4

    SHA256

    a3af998ce61600a9bb3d8ae8b2aa67bf32f982bed8119b7a06914a14d4ca559a

    SHA512

    037a2c78ea3a048cae36310bc0964c73154cbe20d134244b86396e828e1ea847a84c99e4ff3267dd6785fe05ebf7130abc709fe905a6d52903684e5a53d7b125

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6f0dc4d1e365409f864c59e2d13a306e

    SHA1

    915978e23becb852692acfdb848e6eee149727a7

    SHA256

    15fea9e97e90c6fd8baff50f000ed44031c47dd1ce62e986c85157d0a62b2b01

    SHA512

    b20f8f2553d049711488c7b5c45ec559d5a69c796658a00a2995c147a138abe2710943aa7979e59a1ed4d3ced86ab1fe47c928cd848726123273a5cf78bb60a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    847cd9aba9c31ac19903b8d7629f54c2

    SHA1

    c3237ef0d225b2cdca63d3f93f55ed81560374bb

    SHA256

    f63c3bc61b34786dc62ae18518412bf9d238436875a3f5eee99f3a897a189d80

    SHA512

    d61788783513b786e0da0b53c2545f7ed3cfbe4aaccbc1921321b1cbe6f1a502613035405369a3da22bdb869cfddf470aef025387ff24a23dd27fa494ac069c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    051af48e7ff125db9de4318b7aa14623

    SHA1

    d3e7ab1f9e45f704698f1574aab60b5a545ff61b

    SHA256

    93d1cdadef76bbc3539581bebb63ac55ec1bd91c48d6f322f43dd3dac9bcc3fd

    SHA512

    fe3ef9e803eb95fe449b39db78df104960fe21ab20c1a69c92b85d46cf4b49e11802a358daf6824d87199e9acef919fedcaab1b3c924ae49371755a34ddd1c53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    99218205eb17a33fa3337774f38adec8

    SHA1

    78b2d0f5b1faea2fdc5934355da3eb498f6f95d6

    SHA256

    012d78ff259526a0228701fbdcb957be16a97e009a47ba02b0ffae078cd3ae07

    SHA512

    4147e0885763d0a363d1db895271a7f7cdac09dccf7cc0b7c627f563404f5cbba2a08f410351b3294cb7a44f2235f6534524b26f446197af800c6e3dfc0b17b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    85da34912c015500400287a90963092a

    SHA1

    f677068ec005738dc4c814f47b29a2133aca80e8

    SHA256

    79c736fed4a10cbe0b9dcf287b72a1232a2acbb7b45bb51efe001f776459b89b

    SHA512

    6bf5c39e8ab1a5e53423829868b3f8406032b118e88ee56d83471ff253fc4d43c22365381e45220506e0c6a8a1e821cd4063e8195ad41755a4a22cbbd778bffa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    14ffbb5c939ad0c8a16f386cbbbabccf

    SHA1

    59af3f9d5c147e44020bc3d27543abbd543a01c0

    SHA256

    124cfd57259c235781c2e556c56f291313e4783fa84cefb423669af73bbe515d

    SHA512

    34ae7578fde0656d2f6718d9f1ee5157ec9e290d25fa04380266e542c7b0a938ffe87f2c413b0a489a501bf5e40380f6f16552bc503375e0385822dc97e6139a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    99cb216774844d76c6cd34ffb11ea663

    SHA1

    5b32afe7f7be48c30d1b773c7782b7f785b68649

    SHA256

    2748c6e27f044fd714354723a1be8bc5df72d039a689fb4e20a7a0817430fe58

    SHA512

    adc466fb71ed6cbf4efc6a66ec6ea01b8284c31934e23be5168ff2eaf81bf4868ed23117ef7d66a2fa4aff9e45714bb7e4020e410eada4ce75ab39e62f55f0e0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    766f204a2ef97302063bd3abf6e2f0ac

    SHA1

    42be5bfe2bbcdff7ad63fd94148e99c0d5422809

    SHA256

    0af9e691a7b358d20b9ab885c3cddf9e7431b622baf87577509cf9e35c1ea866

    SHA512

    97e13efea92127ca8deefb1f4fafc1b83a1406f603f23089fdb5c94d39df187fad010848bd90468e258eecc3923f1cf97178142cbf6e403dd147d1eecacf0e2f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d172aa7da191286ecfd42fa1631123f

    SHA1

    3b919f90308ff2731ce20a66a329da7f7b8fa263

    SHA256

    1684a6f7ea9ccccc550ed80616c7edfdcf131560312df0213aa5593cdd1cf374

    SHA512

    04ee28de38a80a1da457f08cac0f8f045767d8eef262511f701273b76056eddda4c87ee13d942f24215f97e3d531ac4bdfb8453c71768212324f5d8b10fad767

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    961d51f7c58792516892ed6c516d64c0

    SHA1

    ed300fb75a278ba7bf8d9a2b3a3b8bcc431199eb

    SHA256

    218134fa68b609ee873a0f9a2b8be322056385b824836be710ac3a7ae87b6513

    SHA512

    b6b62057e811976a19d0d3752d104150840f37bf0f47c44f0c32319064643d5f8e279bc964e92b6bfc7203ce540357c79de243af51be662893b58126ad61ee47

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d98ac8b7951c8a2392066ad0361a3df0

    SHA1

    dca33b304e312bd137b233a7eb7cc2016e93d9d3

    SHA256

    0e78045360261d649938d49191414283ab2b654952261ecc5dd7dac6e02f954a

    SHA512

    bfaf2729b2384e110078d65d349f56977d305b648898fc01b77c4bc180e5777fac57ea21f2a0539a69ea716d466217a1835f6e7422d300b99fa514f95dd4ed7a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    44efcbdd9bb241eaed9f4ae2da704939

    SHA1

    4252c480d8185b0a73e1217f550f84d8c0da7eb9

    SHA256

    067b17f546529f691a08de33dab7331281dc9a0b14c99c0b57e2a5bcc71adca4

    SHA512

    ed6b7312425d03b9d91f7f39d4301c7fb6a566209d5978705615e805854e955f7ee4ddbda917031f73acbe92705ce681287be4acd6441661665ed41507f04964

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fdac5c89a3b98c1ac81b5f9dc26ffe09

    SHA1

    adbf01ae9b30e42c0d10a577eb16e9cd939defb6

    SHA256

    02973bc7848f6ede322dde4dd0b695c9eac9dc8a3cc5d7f3d67fc16b10f927ff

    SHA512

    8ee3f72c8a245cc0ec8bd6763538f61f48e737e8150e796daf836cbd24b28a72defa328b9e72ad66db4ce8d3ed4e883a93d164119627907a5a7247cfef66bd32

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8a9e1ffdfd4441c7546e1dfade80c742

    SHA1

    fb11ac88f2d6123a4f3a5a9e39596c6a3d12d9f4

    SHA256

    22819a5f1a4fe03bc19eebe7b63258f6be245c19529f737f8ebb4e1dc5333b30

    SHA512

    400cf94cf92a9513c511aa0da7b326e0e047d001308edcf8fa93a5a3957785e2f82f813cf2ac6a77f40447ca6e6302bf7958dc23e4bc1830e88e3970d20fe9b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f6c5720073274fbb5ba30a87e3ec14fc

    SHA1

    7cf08f14de37be5474ab6edc80f3626b455b3cb7

    SHA256

    f839b27640d055effda18fdcadfb5957e38a4c0529e998d51aa92a12228fee3b

    SHA512

    7d67ccbbdac30eeda3e1d1d1a4f06d0d23e988866745406120fd8b246fa9134a14d69846fcf799504580ca803c1daebe0fa90eaa1a6d7175ae995a249cec038d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b861a5fffbc2e1993a218ed8fe2af7e

    SHA1

    bea35dfdc8f52515e195f9a62492f560e9bf6e9e

    SHA256

    53186a2be40dc3286fc7a491f65ea1d8bf1116fb5ae6790241b931669ad693a1

    SHA512

    d67cdc43bf06b12f937bc3547144cfb9e13ac64a56d484561f5d36c64e7ea32ce11a3b22c7b74402e2cfd954f43be6b421026784a14117c700ddb38d530130ab

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab679.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar75B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/1096-0-0x0000000000400000-0x000000000057A000-memory.dmp

    Filesize

    1.5MB

    Download