Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

3

3a88a3c6dd...18.exe

windows7-x64

4

3a88a3c6dd...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    11/07/2024, 20:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3a88a3c6ddc311cecbe142eb6f1e5f20_JaffaCakes118.exe

  • Size

    4.0MB

  • MD5

    3a88a3c6ddc311cecbe142eb6f1e5f20

  • SHA1

    65d359c0925d5dff76518e1f79d6d64db921357f

  • SHA256

    af2215af1992a7e79600a470f65bad5c9f392065537fc71bc108c60a804689c1

  • SHA512

    ff24f2401617644965b3925324650e867ccea2ecb74a7df48d02d31c3a088330edd53a4098b2e67efee06d6da8e70574da2dfcc06fb928d9195bfacb6c048d02

  • SSDEEP

    49152:3hM9otUiOUvUMMNaU3drd7dy19J9Fxg4viGQ:3hWGU2vUMMN/lo19J9f/D

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 37 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3a88a3c6ddc311cecbe142eb6f1e5f20_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3a88a3c6ddc311cecbe142eb6f1e5f20_JaffaCakes118.exe"
    1⤵
    • Drops file in Windows directory
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2824
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://bbs.3996.com/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2680
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2680 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2812

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    773e224eaf85a283ec51cae5e43cdbcf

    SHA1

    c47426657cd1055442b2b3546ac2a8a6001bb34e

    SHA256

    d8c9d74385b300fca68767ecb8768f2c8c797eaa6fd4b299f3c22aaeea29aacb

    SHA512

    e91337a6d3658576b6a37596f76a1abb61435e31f86ce0c1955c24b49e08f9c0c8f3ec4f318dde8f96d2c01d4244bc5999b64f3646fe58db6deef8a2d5999a78

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2c1b85d8a5154d8c1584807e02c0526c

    SHA1

    09d4b279a673640ce3026fec840856e7a95c0848

    SHA256

    3b05e83160178b3511e70ed344050aef23bf7d2b7eb6d97b895951b0dab16ff7

    SHA512

    2c3e28a592270d579de4c88b7449d7d16a1898852a78f8b977dd909bd9a5d8749c6679d64b63f60f561ff78ed2274656752ecf83b92e03d9fe04dcb6c310e325

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    42c5465ca166d81f09c73d053d30c544

    SHA1

    5c767b6269bc650d873adc76c0773516637e2ac1

    SHA256

    268ae936b386a0d32512106438a44d014c3d1e154128f68200b721f3d23a8bc9

    SHA512

    c265eee232f402b539b0c5a8f70e6db79414f7b55a1fd51ed0a82f67e0d88173283cb0ef006dfd82f69abf91b0c329c7bd3a37106ac82573a9db20e6e1531806

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3617bc920f050de76281cecea0c30b9f

    SHA1

    e2a1372e2bb07378f64e0eaad9aff0e9a07ced62

    SHA256

    5dfa7bc3605ef64f1f2a0c958081330109fb6a009d9b826b44b6755922e69904

    SHA512

    9a3bc1c0d01269096f7b94ffe4afbf93fbaa7245d58ff345a0cececc3834c9cd2aa1ba00dec8db19ed82ad24fbed8ec49919dd3999c59a6de7d71b62302a23a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0978e8f9d352c89af635d2796dcd6e56

    SHA1

    a7f4b983af1497881d21e713efb0292aef35b4b1

    SHA256

    b39e8a7641b57b7e61f512157fb88d812f1e76119934723dfb619a05d3ac87b8

    SHA512

    1d6517c99eb73d5d9edc7b675c60bffb08f9d3989b64fedbcaa6b18c75800b8962fb764143256cd96fa62ed281dc562580513c80a9e3546fcba0d648566af779

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5cc62d774bb212b9e91c19ac51b3edb7

    SHA1

    28c6405ccdc38e01ec4f6df554bb6f1f70d5fbc4

    SHA256

    05d0457653f2d2c0adfa2d9e7c8bc769361eaad21dc4834c819e50baa0ae5007

    SHA512

    88e9b4a0d824c8c32a922497e2fcd35133d80abfb321e4c2a0aff62ba9f8c2c0909992e76ce9a965aed64d3f2fda3c2ed823004191ba4c7aebbabfcedd49037a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7d3bec5067a4559988130008724f5ae4

    SHA1

    5a37e5a05505aae16d014bf94cd6dee5d652b7ec

    SHA256

    03ae948ec48e03f66695eb109f6d8bcc4d36806bb93381176b7a5e95c71e9dd1

    SHA512

    b99f7d077fd39ffdee7dd22114045764eb911fe65d5d75c4ae451d571cec39b3eabef540d3786bbb5118826c107be289bb52d9be10f5969ca314668954e285d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    60b17a7bcb4bbe8604a12f0c343e0219

    SHA1

    f30babfc0000157f9ec4ad2eaf2c35bcce30abbc

    SHA256

    1c60a8e2d6c738898562e46d1c51fc420023490c46a794ba695f7296dc32d637

    SHA512

    be614a47f53fa8ac0af88bc6aa2cb6b5fb76d55f7c26afc72f31eaa78344b483d8d36c5b5d18217c99084e39a6e45b6621f466d948e158afeb7ac74eac1a475e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6b977c8683bfd3a559ea25679b0679f5

    SHA1

    ccda40e9eedfb9125eb5f6582e51a160dc5291bf

    SHA256

    d1de916f8548d73a14cfba5d39cad14a106b1fe18d503134c2f4f05f8cbcefc8

    SHA512

    8dd7a3f5b952bf31aeee79a5c469288b0fa79ea95aa5003e17a0e2f57c8a79c906d8276e9bac9e4ddc8770c615cfce1156d580776fc4af0a9b153f262d0db11e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0fc2ff7564467c84a68f330e70b2d1c4

    SHA1

    f51729235a01dd5f527a5a906390eec1847e4702

    SHA256

    e227943238c9842a5bdab6a12d0948d42a2615419a5c43e486c83e3014256888

    SHA512

    839729805e54235f6fc773999e683fe4ddc78b97965da3bfedd35c032659b7799856586ba4e34f4f261befc00686a72e8b32cc43fee8b94c3e538209c96739ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7c1bd06b0204b5ac052cf9fe00c66643

    SHA1

    02d8b220407e2805ad4783b76055e9ba9e7a7f59

    SHA256

    268c057521f5b74835413e72573a070d4ff308832a8925b5e9b7a5ccd2abed9a

    SHA512

    adfd9c0f1c062f00da2f012fe4e6e19b23aec5f31b3ae212fcb9acff2d09074b0690ed4afd23c82bce798b0b9a8b6ddd1d72954f7c4e88baef85f8bd576aad31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7107ba8789c54e731dd976d454c3fa98

    SHA1

    d866a622f9f9eceb8b5a10feb3efd821df25f93e

    SHA256

    c3f3ae0276e0b38c81268bab1cd8b61c1a5c9d0f0f8c85dc397a8873acd574dd

    SHA512

    b361389b3ab5a159207223ad3a7c79244890074247b5f581d91807c50c5fcfe1000e431c9b4bded1f70bc5eba917a22ef21d5e2994ed5ad55d17086fb09584f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24500131111c526b46772dc5f5325ceb

    SHA1

    ee942a810b6764e863097e8fa45212fe09108b5f

    SHA256

    cfd8ded40d2e6d9ed98e5eefbbdfa6437190557609b6f21e43c47a08073bf000

    SHA512

    6e12dbba40e3fc83219620d4a25953a08294c4fffff9212f803bef89379686cfcdc80e864ab54f86373512658dd493dd05a0b64544a94491f3218a56a2e70baf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    06e2a59cc6c08894f9de9a52d3ce3610

    SHA1

    7559b61f4d273d3a5ca1fde51cb9fb6748621fad

    SHA256

    8599c2f241b1d21999ea54a3aa5722c4cbb454677000a9c59f81e7667a4e8972

    SHA512

    c5f4da9b9f9a58af90c4fb3ae0a2e0b003a47dc8aeb68b86b2cec0fafdc980f710cdba087084464a6c5f03725540353f6e7d1c6ffb34821260df1b8e14194834

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c29197e13a93425ccd4fadf8231c1c29

    SHA1

    6517cdb98f865bd44f21eabe426da371331c7c60

    SHA256

    8cc9c5bd8b6b97049d8b0368461996eb5dd8b7b0807fd98cff04336ec35af009

    SHA512

    ae5be4937a1f70836e2652d168245d36bc7f9df6c068f74dc3e0748e32b3a39ceceb4b699f7babf843810aa2855f8f79898d5f08ab137ab3da6a876b59ea83c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    10866282b8f950c3be590c972b738878

    SHA1

    af3de008795a197f5821a881de2b53bf4b552d8c

    SHA256

    a33583cfcf0f55531da4e75a7be673534effe6cdb1b65d61c38b6f7a085d2e80

    SHA512

    306723135ba7dbf1952165bde28bcb74f545a59f3ddb39c387109afd859dcde110cfc0be39aca71ce48f8ae35857612e0c3ca21414f191cc00608e2b520d6286

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    48cd25474b8d5622d71e7bb0019e568b

    SHA1

    c59539b1cc77a6497df7a4ea5c78b538952907a8

    SHA256

    733c04879782f2fafe38fd34b75adae1ca40cedc7d4dc8629d9f3c1e4ab25cff

    SHA512

    c0b4a9e12be4e0034613d3d348e6de397b4594875ab49c030cf3eef960535f8cb61ecb92da4e4017f49c11ca9003f213956815e8176d222e0a2dd5a74e358370

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2807f98ad01bc636efc114b06f5de737

    SHA1

    740e60dbe1011b86e651d3379b3bae0e88fbddff

    SHA256

    cb058f74ea9c3f5899b79a76efafb6085e5f9700a8bc2b748baaf24690ab281b

    SHA512

    8dbf244d7fa8bf72429cf1d6ef74b41eedeebebfec43c2fc66dccbb791a6e8c01286a1cfa6aa0b3f8875b38c3ae38aab600b4bc49362634cc3a41351ec86937b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bd6b085832464d2b1e79ea9034cd2c7d

    SHA1

    6522be12a65c0387be4cd70ba6ded537aea8d4de

    SHA256

    598f68fd8e4ed556e6c2e6fc5722761fe91899b021ac07cd09eb9d5bfe321a71

    SHA512

    95610b9f085324d94a0504016d70000cfa413c0aeeed636903d10887bd10d7c8fcb3ac44421f2fdf7527d7120dedb8ac759f280fb6144c1324be865b15b4b185

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JQ7VMQEC\httpErrorPagesScripts[1]
    Filesize

    8KB

    MD5

    3f57b781cb3ef114dd0b665151571b7b

    SHA1

    ce6a63f996df3a1cccb81720e21204b825e0238c

    SHA256

    46e019fa34465f4ed096a9665d1827b54553931ad82e98be01edb1ddbc94d3ad

    SHA512

    8cbf4ef582332ae7ea605f910ad6f8a4bc28513482409fa84f08943a72cac2cf0fa32b6af4c20c697e1fac2c5ba16b5a64a23af0c11eefbf69625b8f9f90c8fa

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SPRIFH8L\errorPageStrings[1]
    Filesize

    2KB

    MD5

    e3e4a98353f119b80b323302f26b78fa

    SHA1

    20ee35a370cdd3a8a7d04b506410300fd0a6a864

    SHA256

    9466d620dc57835a2475f8f71e304f54aee7160e134ba160baae0f19e5e71e66

    SHA512

    d8e4d73c76804a5abebd5dbc3a86dcdb6e73107b873175a8de67332c113fb7c4899890bf7972e467866fa4cd100a7e2a10a770e5a9c41cbf23b54351b771dcee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7D4E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7DB0.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2824-0-0x0000000000400000-0x0000000000800000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/2824-469-0x0000000000220000-0x0000000000221000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2824-468-0x0000000000400000-0x0000000000800000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/2824-1-0x0000000000220000-0x0000000000221000-memory.dmp

    Filesize

    4KB

    Download