Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

3

2909686ce0...18.exe

windows7-x64

4

2909686ce0...18.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    06/07/2024, 17:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2909686ce0bd269b5252545775771f21_JaffaCakes118.exe

  • Size

    414KB

  • MD5

    2909686ce0bd269b5252545775771f21

  • SHA1

    383a6d751e7648526537cabae94767ef3ac12225

  • SHA256

    a7dbe9ebcb0d67e93e732e2d679d1cd87eaa2fcaa83019e37e02cc6a3f5799db

  • SHA512

    298f7ecd521cb1698baf2faea2cea3c682d9d455bc312b67cd89991857e27bcb0fe370ce512501c12f94501379f6af5585be2168b1bd10fd328928efc7be9a8e

  • SSDEEP

    6144:m/GzBKRBM7s3mRr+ol8B55sc+IDpKo/AAODMQ7Mp4ZlJAKEI/q5Dj83WID:LbwWRS5sc+ID9NODMQ7XJAK4gWID

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 6 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 3 IoCs
    adwarespyware
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2909686ce0bd269b5252545775771f21_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\2909686ce0bd269b5252545775771f21_JaffaCakes118.exe"
    1⤵
    • Drops file in Windows directory
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    PID:2972

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\e\83408-040712-212552-78.a2k\index.html
    Filesize

    7KB

    MD5

    7e54b4a7d6b625e3e665a895ef749533

    SHA1

    edf9840d1daa44dd37e6e0a74e584a835de93bbc

    SHA256

    6135f7b4f50d0c140422a8be10b7d7fdac19ce787cd71d34bbf12e723f038778

    SHA512

    18380c452e59908358ae6ec1c1da8f5961a042a50f709bf7c134e2869e32a21571aa2c97a102adb470e453a140ef2d79f604b49a763557c83a2964dd1017f209

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\e\83408-040712-212552-78.a2k\style.css
    Filesize

    2KB

    MD5

    d07c418be56a76cab52160596f51c5e9

    SHA1

    1845b428e288e833d406fd24c4e9be44ed130e00

    SHA256

    8863ecc303c7419247687e767a071f5cfc2ac4223f5c5fa2be344ec2a329ac01

    SHA512

    3a6ec4c079faf467ffe992ab64e60abe062f76c4ba797df16e760dc1d604fbe4cbd4f2e8b8096c9e439bce81ff1c5c9dcef3ef4fbafcefe22cbac8d5ceddcd8a

    Download Submit

  • C:\Windows\system.ini
    Filesize

    276B

    MD5

    a802649c13c372b9c1410f5a94644b53

    SHA1

    df4d9dc4a2b1a2d01459a2c508fea310747798e2

    SHA256

    636d4653c233703fe318b803e973907dbdad34c851a4609bf004b3b0b3eeb711

    SHA512

    068c2cf762ce8cb44e05111d98aecb674941c840e47343bff0f430dc2f95f198f0e4eeb803077e560aea68267c18618e3ff31ec6a54a06c2a66601c6dde9a5fd

    Download Submit

  • C:\Windows\win.ini
    Filesize

    565B

    MD5

    dc1de9c65e372b95b37701f263d55396

    SHA1

    a6d416069faea4d2d6a954562d6fd23626b23ed6

    SHA256

    7a68b8a9e16ac858b84235836978f6fa9172478754667f4600ebdf2d366c9cd1

    SHA512

    cc1c5502bc145ec0e038e8cd9057a24bdc635b7fb3bc562120d73c9364d2d1d80b84f796a066c3b3d60c578a3339b4025440ceae7faeae894a5b6a0da6868934

    Download Submit