Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

344ce91702...18.exe

windows7-x64

7

344ce91702...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    10/07/2024, 10:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    344ce9170204a415c0d4d047bdfbc0b3_JaffaCakes118.exe

  • Size

    191KB

  • MD5

    344ce9170204a415c0d4d047bdfbc0b3

  • SHA1

    d70f34f77d9fe890e18b61c57a8b5ab12342cd81

  • SHA256

    b9e66fce551add4a881d641c833bcabb0071b32b9044ab4a98ca06e13612b217

  • SHA512

    7947624276ca29c0ea93d714d67951bfd2291ecc1e2849ab2fb5082f4acfd3f50f048e0e82e4c98b2f468c1c4df6674b1817414b703652713d44d23d220461a9

  • SSDEEP

    3072:FdTejYQcRkBtZy/kqtcGxekIQ8bqJLSjDexH0THKLW15Y5dyO5SDLm9qJV8Vd1vC:PWfUkBPyrtBxgQTMK0TKpxS3H8j0bT

Score
7/10
evasiontrojanupx

Malware Config

Signatures

  • UPX packed file 4 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 9 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\344ce9170204a415c0d4d047bdfbc0b3_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\344ce9170204a415c0d4d047bdfbc0b3_JaffaCakes118.exe"
    1⤵
    • Checks whether UAC is enabled
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2080
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.gamecentersolution.com/downloadgame.aspx?CID=21157&AID=477
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:840
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:840 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1920

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3d1369b0d193da828ad6731d79af5dac

    SHA1

    a58647f33b662b21e547ba5792346cbcdf6c8659

    SHA256

    2ec0d8f46c2622a9624d03bf2f02c4a46ef76166922d411f3b14dad18e9445bc

    SHA512

    3e9cf5d33a08b18a2cd617682aa9ce99cb90cdbd2c93efabeec2e0444751ceb1013a6fea9920f1d287d1d6ac801318ce0be12744053a35c0dc954fb34c2a0fe3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1a85ab66f2b63fc681b0565598e5f42a

    SHA1

    b4e2d7e4c675de9d6fdd6b99800fe1c80d4c2a54

    SHA256

    321c1324f3e8f4bf25acda1adefa646de73401fe56546b6256dbb676f5cf7aee

    SHA512

    978d48d3e967c94a4cddfd09c9fe035fa4e2792b5f0780a6050f079ba95d61cea785ada0d1243549684c098ae2c736462f03ddb8ca0229820566688726e45cbc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    29c3128c229a32b9626e999680b882cf

    SHA1

    36a7a4faed6cbfc71430c64a5246e3ae87e6a8f9

    SHA256

    65d720ce58b1108fc450d1400098b2386b79138b7879c2c08ef1a5d23d727081

    SHA512

    486fef7d9503f6926c89a79cce1a907912ff6664e7a1554651052090c8b0f248ed3b1e4314a672ad74216b59a48ce03add6101e518cdfc6f0b1e4b7e86af8dae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d295f6066e74434b0679fd0461c9e47c

    SHA1

    23982b10358c2681f1cdb297f784a521076c26d4

    SHA256

    22b5bce1f2b055255827b5fb96ed03399b8b428a053b2742bffc6b262d469dc6

    SHA512

    0bde80ef21ece3eb856b12dc314f52e0df92b131dc989d5d2baa55fd7cb7a65f15eb1bac186f8e87d9acda358b256c50193992c7a8cfbe5bf12d6ef14b29ae34

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    08df17941a5f7b0e9eb827ce771ba458

    SHA1

    d71d9b37a8970d437186f124077d336a1f91c7e7

    SHA256

    4629d9f6406858269091850ae6731db271ec7da07199b02932d30f4423104bd9

    SHA512

    9cefc9931f3c69892bbe44ebf8341732f62954b8fa39809758f9661a3ee323002de3d67e4a48f1eba516143b6334438f6a4ad078bcbfb8b74db7b972d0f5339c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1633ef0a76e44e2896340d2024095e65

    SHA1

    127affc7fe1b3420d749af181c8637fe62b31a47

    SHA256

    9c998f8eff6830d164cf0d0d6dd4a0af3787ed583b5629e7bd2c2a7feca192be

    SHA512

    b20c40f8c41aa8aa28c2f6fa9a54b22c05ab480e1b03251bdc13876a2768b3145573a97b93e723c7e607cbe338d9ec2c4c6a93ef5f97582ab6c70aa3c0e03432

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    23299fe026dcdf729012791297816ae8

    SHA1

    2b563d32e3df8b796bd60e65521eb7ae10d0662f

    SHA256

    70f82e35abbb739a6d4cac06450ca7c3c604bb65e1af361d37ab4229bc12deab

    SHA512

    6fde918f2323d2fca378b88a1c99665dacf15dde320537f42c56f5915ad92644c9f022ae4fb0b94535315632c812d1f6c0a059e6b4a7dfaa7c01a82e3ec1cc5a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4e2ac6c6483c519ed6c25b5ff4624dc2

    SHA1

    88ef85e4287f86a83d7d71b9fecfae43472caae8

    SHA256

    56f93a0e5b496e2eac0c5af7ba7a7e2db96107526ea441871cc647a454c0599d

    SHA512

    dccf763ae8dd1bda29e6df56cf0e22fb2aa9bd1a28e73829193b4ad3ab448cec161089e770c802d0ebf993b03f4c7908ef10cd688a6ceb1a7795687ab037152c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    20473e01110a168d9203399fc0f0a5a8

    SHA1

    1a108f52bc7ccf7485aa71c9067fa104f0069ce6

    SHA256

    501895cba54beb153792376560782ff3bca32c813e7d8c1a9739004d1a21191f

    SHA512

    fb8969a13c8d176fe3e1504ef081dec3013d24ef09dad07a1807373a4a4ab9f6efd125e91d2bacc7302d5984f5d1f186ef7da6801945d24cc669dc42bce7b964

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e5149f1fa7db9a56d9f87f4e65f9854

    SHA1

    544fdb2eda47349c682cb6239d37fa9607ca6f68

    SHA256

    87e9acb5ae80ffb6355fa68163ebfe1c10bd83af920fed06a963e87bdb14133b

    SHA512

    f37a6fedcf68d3494104cca0d7f0ce0be1320bf06249fb54bba1826499c39827e01eca5e3704a162ae7d3aa3d6e959b0ec3bd9f9588bb55fcc8508101d8a817e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    564bc16b8a7faecc81f7bab589c01e32

    SHA1

    38b53a34953dbcd3129337e773abb02bdf154472

    SHA256

    f1852bad85c6d57cfa127acfbaeb44efccb4adec5bf9c86f1de0a90e3420d98f

    SHA512

    89af9dd86fd33d6d7212b318885b1a0daa02b13541595db3d184291b5d7dd12a0b5f01037306515b010e321c31deeb378f5d9a716a48038b9e82eeeb1cdd166b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    44fe1a3c52104462caa7dcac713db585

    SHA1

    370bb3840fe3fab2d29ad3ee09c6c0247529ac69

    SHA256

    668376509576453997b4a27b2b3427032f924d7f02b838fb5c00311a1a7c4bed

    SHA512

    7770364029c8439ed81253e6f1be667064fb9d4fb70dc6894926b4389875eb4a3b1b76e66c97ab5f7f018a65add6f74fd197a64acbd194770626f1b3dec625f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b900d2cb38416dc143319b9c0841aa6e

    SHA1

    682406fbf16d9ebf5239cb0947a01d72d64b334f

    SHA256

    aa20bbf8cc96d526beac88a856d68fa1709da46739db7f7a5ae8e094609977b4

    SHA512

    f1ac7b1d82f808fed3703d0df2d74f0025f53be6655eaf4a562795a1b42b27485fcaec9ca80422a0bc5420148632ebe4193ff4c07846431503148b4d57f8e6f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2834328fc60dd2208d3049c207515384

    SHA1

    8acf55b55c4d29c936ce54016364e0eff8f5388a

    SHA256

    632561f87f522a920ce8392116b6aef9e63ba0ebaad74e287a330e8773ca0f93

    SHA512

    3ca7fb210a748e8a5f6ffde595262d0d22348db1f579897d9e9680f39d0e3bcda1a5635c5328c6881bd72adf8d84f1fc10ff0947e7e5a40e8b68526177dfbcd0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4e324e87e861b55bca9fa2207703f4f3

    SHA1

    a46006bfc88beda5ecf25774ed7aaad59ff5e0de

    SHA256

    5d5d181595b62b524ce04dcc7f2904c91cea3e386a294ae489f825164ee6966e

    SHA512

    c9dc91df3edad321b2a2031d90820bbab481a0929135ce5489198b2c9118fc250f1129fc6a2f2d6a6dc95f43b366b988ba03197e04af1317bbcb0f3ac935d55b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0cbdf4eeafe16e9760335a278ea3f6c8

    SHA1

    53c03c06c24d5fd6f45b942af2213c8bd6a31bc4

    SHA256

    b8bd5d97222176c6dc50c7a29a22d5b52253f319514f21a2b44fed8cc1ba7ab1

    SHA512

    9944df405405953ba9128635744a20bac53278fbe71663b255e8a0043640c0d89d40972ac425060f2fe9964791e4a888ce439fe2efc3e719ce56a25fc6257444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6fb3ba0f15d46b3b83ba4f4f60b975bd

    SHA1

    3f8de165d8c8a80542010c594b964e947d9b78b9

    SHA256

    a88377a84a7dde3751d6e8cd9631555b117874db6b7b8b551ef5edd07679843d

    SHA512

    aa675685804e61f88fe214ccfc120ad5dc3cea8718962169eeb36fce8ace32909c85dad651890f231e99953877020f08d59c6cc349908d9e13c4ced2a89bd5c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    af308c6179b2f2735eb9c5a9524650d7

    SHA1

    961612712d0b655e720f7ec778d5dd1ff053caef

    SHA256

    5126c87a03a22c9030a433cf02fe0b32311cfb3e2305f77aed17a424aed7cd15

    SHA512

    976567de934493a04ff9b3399fa92eb9e5e69f3e90f30ec0639fb50d7141493bebefacf7eba1164337b83bd9d7c9ec62a646ef243c0f5425e679fabba661e362

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9ad52e0e9533567b9bd0aea78cc18a95

    SHA1

    50d686d1dae256a137043895cc2a6a2e8f64f608

    SHA256

    1816244b4db40ceb7d7074defd4d6a75bd65389d7416f382cf4f562127658b25

    SHA512

    c48007a7db330327d62ba656f381d218c0cdc65d3ec61599698afc678cf2972b82a00c86e081682ef740b6cc2b93729702250a6e9e55808675844f2da7363cca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a94e0bd5f4375f2e3af7eab7e36767be

    SHA1

    e385582e99ec6ff74cc3223a71c765cc20cd64b5

    SHA256

    60bbcca67daed5dcf3c4cd2b6989c632f37c47e244e37681ea7dacffa27224de

    SHA512

    119451d8a7088d94f59d930f7f331c310e28a347a4c2c712b5b6015408fb0c2b31f6533bee3d1551f9ef79c30d36c1106e6789d407077f591c91b2c1cca5e52a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4CCB.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\FG.url
    Filesize

    192B

    MD5

    0fcf82b5a915470e8a79d3516f582a36

    SHA1

    75f81b41607905b231521243129aff3554a58db0

    SHA256

    076264d4f165cef82f0cb07f6795f1d5ffa74741a943fca42cdeac65823bcae4

    SHA512

    adf69ec56756fe672677b039cb44bb13fc3adfac569f5ea4eda4e7b35de5ebe0229c5825ca8337aa2c623a773bdf775ddd3689e9fae03a7af1f694576d954293

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4D3C.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2080-26-0x0000000000400000-0x000000000056B000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/2080-0-0x0000000000400000-0x000000000056B000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/2080-24-0x0000000000400000-0x000000000056B000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/2080-25-0x0000000000400000-0x000000000056B000-memory.dmp

    Filesize

    1.4MB

    Download