Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

3

0d23ebb139...18.exe

windows7-x64

4

0d23ebb139...18.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    25/06/2024, 07:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0d23ebb139e4fa787a6c816ee433514d_JaffaCakes118.exe

  • Size

    414KB

  • MD5

    0d23ebb139e4fa787a6c816ee433514d

  • SHA1

    d7b38948943f0b03f2111a54e650ae4d683e3183

  • SHA256

    bb643fa4d450da956d9724436b42eeb094e6da6d2781b2c572031297ea5c31c2

  • SHA512

    26921dc07c6564a860f7922f0a0ab97d7c86f996ef73439d24b5ed6d43ff425a0e485e791c92568d4afb4d44faa4894b1fd3642ba9b65da4d1e4213d91f17faf

  • SSDEEP

    6144:m/GzBKRBM7s3mRr+ol8B55sc+IDpKo/AAODMQ7Mp4ZlJAKEI/q5Dj83WIF:LbwWRS5sc+ID9NODMQ7XJAK4gWIF

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 6 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 3 IoCs
    adwarespyware
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0d23ebb139e4fa787a6c816ee433514d_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\0d23ebb139e4fa787a6c816ee433514d_JaffaCakes118.exe"
    1⤵
    • Drops file in Windows directory
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    PID:1492

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\e\83408-040712-212552-78.a2k\index.html
    Filesize

    7KB

    MD5

    07c3751a16e6a93dba7a1f88db56fde8

    SHA1

    3e53fe84cf5f3dd8fdca3bd878a4d5cd38da611b

    SHA256

    b41e359b029ce130484469e8b8f53e36939ac4e765b033c39fc0e16d1c1fb56d

    SHA512

    2553482f199602c1fcb69d5df4d0d9c04f25f2bd9d63b40d98112d866cd56e60d6c39a7244bcf33307adb61637f27ded8f3386361921f3911f86b0d1e12daf1b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\e\83408-040712-212552-78.a2k\style.css
    Filesize

    2KB

    MD5

    d07c418be56a76cab52160596f51c5e9

    SHA1

    1845b428e288e833d406fd24c4e9be44ed130e00

    SHA256

    8863ecc303c7419247687e767a071f5cfc2ac4223f5c5fa2be344ec2a329ac01

    SHA512

    3a6ec4c079faf467ffe992ab64e60abe062f76c4ba797df16e760dc1d604fbe4cbd4f2e8b8096c9e439bce81ff1c5c9dcef3ef4fbafcefe22cbac8d5ceddcd8a

    Download Submit

  • C:\Windows\system.ini
    Filesize

    276B

    MD5

    3744ba1f87b664c9150b052c9cf53ed6

    SHA1

    1f123d00c56a87f51e1fc5f57e0fac9595c1a807

    SHA256

    96451be80dd1581b0c0213631246b89868b9ca21e52c467a860a213b2307a88f

    SHA512

    78ebaa8865ed339410046103fe6616cd660171d8e4ba2406004b8254f67f18ad0d000a6de2274f83f84ae4b4aa7a60e295c082b9f987fee0497b23fe66f84e5b

    Download Submit

  • C:\Windows\win.ini
    Filesize

    568B

    MD5

    f0ed55a181651f88ce325802b4806d0f

    SHA1

    bbfcb7ab0d2092ab94fb1a37ca4a1ffa0e6d3d8c

    SHA256

    a21916a2f7c67b6b315834101be9b0f2444031ae34689ee5ad3333844647d356

    SHA512

    fdf713475d9c69ff8d90918805b4794d1ba0ad50406605ac24869e4bcd410947a5b2c71c98bdc9684f08b1e74b9888bb7b3a6f3161af021007a2e23d9a9f36b8

    Download Submit