Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

3

2909686ce0...18.exe

windows7-x64

4

2909686ce0...18.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    53s
  • max time network
    64s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/07/2024, 17:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2909686ce0bd269b5252545775771f21_JaffaCakes118.exe

  • Size

    414KB

  • MD5

    2909686ce0bd269b5252545775771f21

  • SHA1

    383a6d751e7648526537cabae94767ef3ac12225

  • SHA256

    a7dbe9ebcb0d67e93e732e2d679d1cd87eaa2fcaa83019e37e02cc6a3f5799db

  • SHA512

    298f7ecd521cb1698baf2faea2cea3c682d9d455bc312b67cd89991857e27bcb0fe370ce512501c12f94501379f6af5585be2168b1bd10fd328928efc7be9a8e

  • SSDEEP

    6144:m/GzBKRBM7s3mRr+ol8B55sc+IDpKo/AAODMQ7Mp4ZlJAKEI/q5Dj83WID:LbwWRS5sc+ID9NODMQ7XJAK4gWID

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 6 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 4 IoCs
    adwarespyware
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2909686ce0bd269b5252545775771f21_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\2909686ce0bd269b5252545775771f21_JaffaCakes118.exe"
    1⤵
    • Drops file in Windows directory
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    PID:4404

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\e\83408-040712-212552-78.a2k\index.html
    Filesize

    7KB

    MD5

    7e54b4a7d6b625e3e665a895ef749533

    SHA1

    edf9840d1daa44dd37e6e0a74e584a835de93bbc

    SHA256

    6135f7b4f50d0c140422a8be10b7d7fdac19ce787cd71d34bbf12e723f038778

    SHA512

    18380c452e59908358ae6ec1c1da8f5961a042a50f709bf7c134e2869e32a21571aa2c97a102adb470e453a140ef2d79f604b49a763557c83a2964dd1017f209

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\e\83408-040712-212552-78.a2k\style.css
    Filesize

    2KB

    MD5

    d07c418be56a76cab52160596f51c5e9

    SHA1

    1845b428e288e833d406fd24c4e9be44ed130e00

    SHA256

    8863ecc303c7419247687e767a071f5cfc2ac4223f5c5fa2be344ec2a329ac01

    SHA512

    3a6ec4c079faf467ffe992ab64e60abe062f76c4ba797df16e760dc1d604fbe4cbd4f2e8b8096c9e439bce81ff1c5c9dcef3ef4fbafcefe22cbac8d5ceddcd8a

    Download Submit

  • C:\Windows\system.ini
    Filesize

    276B

    MD5

    7eb4ff5ee183890525f16b0b768c7101

    SHA1

    f6505a9a418e02b5357890f30bb85ae4b4a97a10

    SHA256

    89948f920ac84a6b82e26a2447da285d493ffef94f4bc8c83c4e6955ae5a056f

    SHA512

    f59e1f7810e3af73d76a725c871e7f2eb62137f90aa867b3c8c4f10acc7bdeada94c0246f996d1f686488156d174416265a90c8a40c6b65fabf765543168060b

    Download Submit

  • C:\Windows\win.ini
    Filesize

    179B

    MD5

    3cd721f738deb0a67a99d4e94e65e3b0

    SHA1

    574b81a7d789e5187ed1d2490a0d161005aefbd8

    SHA256

    427c2f3af5410405ca940bbc07ca651d01fdaa451b49a5d4c3f57676ff77d704

    SHA512

    ab1089c4e70ce17173ab7523a9ed2524bb8e08854895a89b81bcc1bfda83257d344f12710fceb9403f82d45aab84693d5270c96538a4dc6d80fdc9940521862f

    Download Submit