Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

2b398179af...18.exe

windows7-x64

7

2b398179af...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    08/07/2024, 05:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2b398179aff539168d257e924080a2a3_JaffaCakes118.exe

  • Size

    191KB

  • MD5

    2b398179aff539168d257e924080a2a3

  • SHA1

    aedb85c5096dd1d877ff2d48de02d5c0d30de150

  • SHA256

    36907426a76ead9a2b4d3dc9e92370a9e24cb0e35cc1b29cff4eead5175837ac

  • SHA512

    fbbc8770d899633a44b57898f54d21a0db99be1a9b66af400c9cb2c213b719ac6f280516c46c4c8cd3768964ba2f83be616c6ca6539cccb6533b0dcd2031a2a0

  • SSDEEP

    3072:FdTejYQcRkBtZy/kqtcGxekIQ8bqJLSjDexH0THKLW15Y5dyO5SDLm9qJV8Vd1vT:PWfUkBPyrtBxgQTMK0TKpxS3H8j0bS

Score
7/10
evasiontrojanupx

Malware Config

Signatures

  • UPX packed file 4 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 9 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2b398179aff539168d257e924080a2a3_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\2b398179aff539168d257e924080a2a3_JaffaCakes118.exe"
    1⤵
    • Checks whether UAC is enabled
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2200
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.gamecentersolution.com/downloadgame.aspx?CID=21157&AID=1000
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2916
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2916 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2676

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    182503dff2546ea28dfd2e6046390709

    SHA1

    93e826475fe8594c40ca8af9e890a3592ce6e406

    SHA256

    dd51087be1e35fb04682f25a8b1b515116e2cb6dd34dd12bd1d0ee1532f1d30c

    SHA512

    d7ce6cb75ff6a41662ee73ae0a4fce80143f326bd9a542145a18527c821e20232d0a65be5520049f37193f18e4273317594bba4886844884efa59c30b318390a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4f43ec512924b708662d3957bf798398

    SHA1

    f3b1681cad759baa053c7d2096aa7f720029f82c

    SHA256

    428ef3349614e1281ad13f097d162d2fa52efa19b0f900165ed3696eae731fd0

    SHA512

    ae7e34ae66ae767b2ea0c68ec95beaf5c77ec4477b1d2101d47d959e2bda5a471cb34bed3c7d1e84a4a7c387ede02392139316d8a9293f4e7b17a2fd1907d0e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ee84086b71fb582f6fb89b8238ed07b

    SHA1

    3c64f312b47048c630e402a8095e9f69ca01d7a3

    SHA256

    1ade63bc3cb711418c907e661cce7ce158bd1f5441ffff9fcfb5d322ae44b76b

    SHA512

    17f8d416696524c46543af91b9f70ba6c54a56e64ebef5ea1d1bf4eab2607058f8715ff4dff09b65c0dc2982e4af66b0fc11d6b3de2a37593f75bf867808d9ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    525f95ead4c0c156705f46f43e236873

    SHA1

    4e2f2d0058d5aa644117a34d1fb45ce280e61be1

    SHA256

    ee26a3212ba62a2e26bbc93041c759730a3214e34eb529e44ac88be01813a94a

    SHA512

    401882b3d2985bec3937c71b541bcb0da33d35e0075d76d3f73a365cd2a9ab7fb23805dd882d25e7d4160bcbc17102a063279922540345698c9f34ddef6b9ce6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    61671e8d7d55ea2b0cc53340c2d7a903

    SHA1

    e2951b0cb2fa5547c8ddec6d95f9b7713b3fc7d2

    SHA256

    fa9f1cac2065d76777a1951636be476f499861a5d7d4e5814c90081a8c3a4cde

    SHA512

    db757091022fdb7252e068d9707cd2b8dd4ac1df92d0f4c650a11c91cde2481ac31bbcc41ad3de81bea6278493d9a0a6c14347520d7904afe8549a952cb760aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c251b2e6ef92fbfb3cc05dd60bc520ae

    SHA1

    d464aa9c4a2f52631a9d857ba769d72a913d4c1c

    SHA256

    7372fa7754c623b006ebe85ac69560048dbb6973eeec447d3729d2a3d5ddd3be

    SHA512

    4aeec956a7fa93c7febcf06e7e8d42fd62d6aac3cfb9bb19349acc4ba156725d5bdaa5621e43b2e8d82db8583d192e6d760b6acf80c910be5b3a3a478d5cb8c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    14ca1083167fc6db8f3b3825df4e56f3

    SHA1

    a427c014aeab0523e699b07afeae943bb1629f15

    SHA256

    65af76808a38430d5e6e84ea613a81e29124b7942c97517d6b9db3fd6a50b9c5

    SHA512

    218b892b45aabf6acfbc2e46948ff6bea7a186324ade2fea56608eda25cd16c375c2f7007822b8c56cfb6afaaf5c6c4996e7ab3527c6475e252a51899b72543f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6d8a41d5975f34071bc24d8922f69ed9

    SHA1

    962f2dc8d9667cb652c7f7c4b39436dec14743a7

    SHA256

    afac3d2e660780e93b1a4b2622b6569906cd6567cab0f42c2ac062c33a8ff550

    SHA512

    3f1f2e0567e47edc7486640ece2866d4f46bc10d4764590a21b55f53fb4cfb8d59229701897cd55bf89b370085a2b356f6980b6a3333da0d0ad19260e72aabfb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ceb5958575d94dcc1a075a5f267e8c38

    SHA1

    749932ad5807ce279429394bff45015497b32245

    SHA256

    448a096693ad67b24ebf4587786860304a42fe326c117ad7ffdeb9403854bf60

    SHA512

    7b7c7f69d5db44a66ecf8aa5dda1e41d65087478addb28beae5d4c8085dfc53fa3a52d03ebad70ef08562db5c40cf690e04ff4f17c576b5db057714b0d95b297

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5f4ad78e1addf6322ec56cefc380bf22

    SHA1

    bb3d89763a7a42abd7e947eebcf096761d0edab3

    SHA256

    6af3be80e9ca41e968e7354f024455930fd2a53e17bf44a526fa0f671e447cb2

    SHA512

    0451641eb03c08d291a4d6e819c1e3f991454922e80d09d1730f5189634945d9658df4c021d020a3ec76a7ddb9ba8d20e8442b466fdf01eaacdc27cf6d54e86d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aa1660677ee72ea49112fcc45b093d9d

    SHA1

    c3d40f6b43d004e0320d0de5a07954eb6cd4350d

    SHA256

    c9380cd6629022ff0e9857c9b879a36bddb35e2a5063676df92e71f1b34a4471

    SHA512

    4dcfd6febee1a1e2a07a000391db64016466efbb3bc9145e9360671e92efe317bc1c9f53ce73566d667e3784db74242b81d21b732cecbfe03d2ea7102798a97a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    895a7c019d43baf95300f7ab19171580

    SHA1

    2e277a8f87eb418e3efd7d44a75b6d4ed03ab39e

    SHA256

    5e6b1fb93496257d598c791d2a447fce5e24ec239023ef6708eb7d2b900a626f

    SHA512

    6e62eab03ee968e6111c6507c85ed5f03e4c55557b0dde9c21fbff3c11c19e6932fc26200fe433a545e27f708b704d16747ec1fc66f8897aebcb08f055dc9bf8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    015d6e0d7277622e657469e82bcc7ab7

    SHA1

    b3bd093d28cad17514d8446d8bc862d596422493

    SHA256

    481afab14fb26a1ab29402e967715f6e38ff794a926f6596b3cd2d231cd16711

    SHA512

    5ea172dd4fc30b01c8817d4c51f22f298850730f93ef5a6a619b9030062b17081a1e52bda5d5853e35c57ecd36d4b477342d4b9990ce2b80ee908de2275b7b4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    586913f9fffadb37b6167324db36e43f

    SHA1

    41aaa9f5ff1278fe28aefb5093ab1097a602daba

    SHA256

    ce55ed0da3086c604ec9f75edf7c2120848e5ca47ee071cf400bbb5cc029b071

    SHA512

    d0445a81871ee4b1a8037266e0b5a746214d25314fb03a5f59d3a3214f847b98bb3d1fc3f6a9eaa43d92cf3122a72a13aa8446e4f25d3bea261b78f2f84bfee9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9f790eecccc32988d248f5ab2ac5c82a

    SHA1

    012c3e4476df996891883e3f5198523fc58e2b66

    SHA256

    ed8d6754b5b41e45942799f4df320505bc8fbef64a913b203d81e330c392f848

    SHA512

    821e19a1567ba465f32f842b290f4078aad27dd1c78a20919187b566a8b04860e37a124421438ecf8588444b94d23830f0d9c6fc48ba934e84dbc09b32770017

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2B95.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\FG.url
    Filesize

    192B

    MD5

    0fcf82b5a915470e8a79d3516f582a36

    SHA1

    75f81b41607905b231521243129aff3554a58db0

    SHA256

    076264d4f165cef82f0cb07f6795f1d5ffa74741a943fca42cdeac65823bcae4

    SHA512

    adf69ec56756fe672677b039cb44bb13fc3adfac569f5ea4eda4e7b35de5ebe0229c5825ca8337aa2c623a773bdf775ddd3689e9fae03a7af1f694576d954293

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2C96.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2200-26-0x0000000000400000-0x000000000056B000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/2200-0-0x0000000000400000-0x000000000056B000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/2200-24-0x0000000000400000-0x000000000056B000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/2200-996-0x0000000000400000-0x000000000056B000-memory.dmp

    Filesize

    1.4MB

    Download