Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

1808b49be4...18.exe

windows7-x64

6

1808b49be4...18.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    148s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    27/06/2024, 23:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1808b49be4c913cdb1bd7da8d611bd71_JaffaCakes118.exe

  • Size

    536KB

  • MD5

    1808b49be4c913cdb1bd7da8d611bd71

  • SHA1

    b37b26f45c78720e5ac95160af83ff65704da97c

  • SHA256

    e274011734a729d75b28f0de5f9a063c367afdd6577978c15fb401eb55797103

  • SHA512

    34782393a2847fb5db382ac9075f04968c546f387e4b8c7116edafea1a17294bf79cda767764f0c8d8d9ebcb0ea29130333dd04d890c29d7739d1ee8a719e0ef

  • SSDEEP

    1536:Nqwy92SkZ0rbJMngj5PKjoxACCcC/sxTrUll9uSgfPZeDKPNWtJrHLb8vzrC53XV:Zy9lkwMnXk1Cxs9el9uScZe0hrCBXrB

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1808b49be4c913cdb1bd7da8d611bd71_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\1808b49be4c913cdb1bd7da8d611bd71_JaffaCakes118.exe"
    1⤵
    • Adds Run key to start application
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1672
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.curtoegrosso.net/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2088
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2088 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2684

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cf9db6fb56435af5507664b2cc26656a

    SHA1

    8a3fc4663cb35f9e126f915497d7e94da97f0c52

    SHA256

    2e73f27e3b42c085338a307c7776273c2969f8920baaabb0142b66a1f8452cd4

    SHA512

    14ddaabf942df374571f10f7fad2879e25424da454eb38fb79d4bfb5b0490afa8ee303f22613e38a19a81a7536b1df9f370b6f885397c2b1866669319d23b5f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f18bcbf5d8fcf9a9032822aa4fa4e0ff

    SHA1

    0bedae13e8234629dcfea8328393501c9a158d10

    SHA256

    d88f780365bcb9221f9fdbec0059405eb706469d8939e88e0bbb33892a4b7465

    SHA512

    3a38d862e0d81d81b8c469d62d0b66174317f5cff5c9d7880a6996d0b80a3958c01230a1240d9b8c7b87aa77ea7221ce7d1dfa001e8fbccf87d181ead3d3421b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c39430ee65abe2c5d77add4f377a5c79

    SHA1

    9cf21fb93b8e39c0e5481abe21ad622316c5b5d3

    SHA256

    72e152e281f9524a2d94af9a0e061697a8d054343b5a0d8d5a605651d0316698

    SHA512

    b0575e642a243c396d26888bfea67a709b6a4dd6299e5925a801604326e235b377fab3090a5d824ddbfe2017b8b60ecc6662c6cfa9b541b26cabc7cb9178605b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a7f7768f68f66e0319a9412cda37f29f

    SHA1

    93d3d09947316e7f6826ee5bffb13a537633bd15

    SHA256

    c1f7c1e7aeae4166ba91febfc6dfaac59987cf48b829a5ea6fc57a90c553c821

    SHA512

    a978eba504d706128e4f916a646c9a13a1a39f77dae5696e283b080480f43758a6ffaf4da22f0cdda66b99f4d9d3ba6db2ab90011a74d0b89e4fa5ab14c8f1bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e7863bd2627519db2456bad6e0efc67f

    SHA1

    b2a99ad86b74292150b50cf8228b579cf0f71867

    SHA256

    333be1d76336572f06c3f2e682ed0281bd2b8ef308e6089874ad34db06aa5c85

    SHA512

    27312bb2bbe97201bf5d62e77f7c22f6cc0f3566b8309083527afe19ac253d3df95f4ca188decaec9ac708b9b7818f224450b0a0318a0e0d694edf5b6cfa27a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e4b46a924e7f9a61f2446a54359c7d73

    SHA1

    ce3544628e464e1a11fb7df5a7876c915f6ca40e

    SHA256

    cc4f1b0f3afc79ad8c9f2255e37ffbbc7c1c6cc55deb22e6ff7ac236ea18b756

    SHA512

    74e4905076a6b7b6427f4eb44e1eb98b662448951fcea2d577ca485a5493d99f246aa37eae8e5987842dcee97f73709e56a0ff3f9332b89f03e35ecbd982adb6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    12d34f73dd104bf5b6203fabbe7a10dc

    SHA1

    7fb7d057a7a51fafdb60f433eddb9ecd394094c5

    SHA256

    e06688228e3857934a9fdbdee675e86331bf096c96131fba3882687d1fca27c1

    SHA512

    e1505748e6cef0e9ff1ce6e19fddad75972df355e8bba926a00864c6f67a3cfb6e95b474634dc7938f8aba0f2c13a0aaa9a48fc19973df42860e9e8633c3f462

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cc11ed3ea0eb3636cf82af34fdeba59c

    SHA1

    cf05f0899ac42d8ec37654e3460791a034ea420a

    SHA256

    12cfd62661db37b7dd1c38a5c526e5671c848dd0cb5f64a7fa5f8875c86ae840

    SHA512

    1db1d4d5dfcb5edc00749f127fb5aafb3cbecdc84b5bbda3f72eb28e8eac2af0000a3fefd3ee6fb1448ed9a35e2e3a1911f261062548d1645fb514cfe4c5bcb1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7eaaf85f2dda7fbc574f9a43004e1c80

    SHA1

    943055dcd68d9d424b8362b49bdfe8f6328d058c

    SHA256

    772ab93aa9b3f80cd68309de88c62c61485355f7acbc51483fa5e033c9bf0194

    SHA512

    42ed6493e1ee44e977f48f63f02f0ce2862e1f02ecff2e6c4f7d8ee4b100237119dbd13a6a605d72579efb0646e686204a066ccd7afa438edca9dd9b2ba02b44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a15f098c3f3169b206095a094a372fa4

    SHA1

    a1a4addf05ba9d7f15cf8f136e5aaf18d28c595a

    SHA256

    6ccabf734d7e7c7b3674d60361c313d696f4fff7333d2eb73d27f6db772f0adc

    SHA512

    85f287a39525f2841b962bb3087d5aecc4b62c789dc96c29536a5c5def4d27cb8da198a0232fcbb2067dcf90f20a95f338e7478c9f7809c3fef21f5a0908c997

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e5d967636b85781cb80ea7967ab1a50f

    SHA1

    cf3ad1b25282e63688adc9c9840428544ebb1ba8

    SHA256

    ece867078fbc9cfa441bba370828ee110476178130ed3a1477b854cb863df243

    SHA512

    8e5ffb6cfc87c9df99a6fd4f6c309e96a131af0c4f9784bdc054f166904d929e69c7cb4d9860703f10fc3509891474713be72dd6a51fb23f6bd868fa73170b4b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fb99fb8b0e63cee103ef92d29d0bd4fd

    SHA1

    d71f69c53d5820444eb5fdcad0bc5f428468fad2

    SHA256

    bfb3eb18faba6e8a681ef220c6845b29a3701872b4364ac435a9f833990d201e

    SHA512

    d98ba8bde732d3f8574b090330ecf3eb0ca7aabb25ba264103f4fee96b3e1612b3f8cbc2c74eed4efeb6daf6845becc39b4a566a79c8bb42a7cac2e2d86c40fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    77fbea7d490d23deb1222537228e7526

    SHA1

    096af0a5292c79a7b583a6dbd37907cf9beb02b0

    SHA256

    f28217b096e383b7f01e7e3ceed8f2e7ca1eab46bb3fff3ce00d2afd7ab1e200

    SHA512

    b1e9f4c0f9c57bd52859ab6ef910d2d4cedc34a9d9f2bdeba8d124197cc8c7e631f165778be4e609f664532e5e5b57ab739738bec4ea21f7b688e8be64ed68ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    259fdd20b71d523c9ce117e6f653b488

    SHA1

    b85b2b67764861ea357b22d3d772a2bada6d739d

    SHA256

    6f5ed7875c2302b235cd28dd6f0e856e2971544fde60b01cca275f61d045be8b

    SHA512

    3dbcdd1ca7cff7aec54fe4f549528de853475060becd19a10f7347551c4b167013c24248e4587d8ebbf9256f9404870b4ccae71b7f90b458b8a3f33d089fb976

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    af5d5383a2bf2c04cc3428dbe3b8a91c

    SHA1

    80c734a624229c46d6be3a2e831bc76a652e729c

    SHA256

    846c0247a946c1e0ede32eaa095c0664333309514523494ed860510170623e54

    SHA512

    1515df2bbe5917045f4356c1f744bd65da56d0d0a808baff8f2728fc521aae4b633609b474ab0c481e8749ec5348783b693e4297ac2658a5afe3c2be0899d465

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eb5dfb5f0a75b050e3e6d6783b093c0f

    SHA1

    dddef2e0d6babc74035bedf702ece38ff769ae00

    SHA256

    115391a3246a6d267288b3837d3d384596043640a187d7491b9c4aeae50033ac

    SHA512

    aee2dca787542f0777f2e158db7fe26756b691ab351b3fa9017658782d3e8f78ab74c4810c9ec512ff12c3b888eb83296790ed66d4660a1b8abefc0da4536b91

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f4b5568ccc448f111ecb00ad6e391b44

    SHA1

    ee5e24989ea999436e0393741846a3efde2f3bdd

    SHA256

    798ed4fdf616b56cc6090a271b77c2ea6e832b6f4079201e4eb20b6eed574674

    SHA512

    2f28417a32f0540ea0dc119980e945a3fbe9d465eae9ac184ca8afbe2f9713dc597b960d13acd78154250ab29d5d98bd352813e34020bef5d13b3cb8495d2f33

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    653d4eb833392c17c7e5fd4647dcaf73

    SHA1

    4c57530b444a046498801bf14f9983dfed20ff20

    SHA256

    233c121246a4a07700d4f5aa2347358b79e9fb4276f7f01646c5265b25812c1f

    SHA512

    0837e42c369f708ac0b93d0528f6c9829822af39b6a2482693f155f3ce1b01d34a2337b6442a23b97763781d99e7941d5626710377161f4233d9001b00d3fb48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e2894d0e3d167d8c748b802d9e9b53e8

    SHA1

    38a05e6c37d56ddcbc447d9375b665da892fdfa7

    SHA256

    ef1c70450e84fdd844423c06f0e267e899d5282fcdede89dc9689d6de1e0e0f6

    SHA512

    dfc21c11c7a87cb8108c847bbe20c1697b68cc5e04f13dba8cb86258442c4c6307a03f8c96a53a321a8797d0d327ec8905c4efd96192d70702f9a72c965e43aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab848C.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar858B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/1672-3-0x0000000000400000-0x0000000000486000-memory.dmp

    Filesize

    536KB

    Download

  • memory/1672-0-0x0000000000400000-0x0000000000486000-memory.dmp

    Filesize

    536KB

    Download