Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

3e4badff2a...18.exe

windows7-x64

7

3e4badff2a...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    145s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    12/07/2024, 17:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3e4badff2ad5982fbd21f7811efcbbf6_JaffaCakes118.exe

  • Size

    142KB

  • MD5

    3e4badff2ad5982fbd21f7811efcbbf6

  • SHA1

    ea665d4243327abefb17b28c1a23896eead7afbd

  • SHA256

    245923bf2845ee1354dd955b2c6af24002c7de785c8f10a42989ceb3562734f3

  • SHA512

    f039fd795bf85241d8e06563372655be3a2ca5d933f22093452b1c16908656009e4af385d2af7209e7039e895bd839a39a7f3ab93fb41c7edd5d497253dfcd15

  • SSDEEP

    3072://lDPV8+JfZBJGhaul0M/A7QTJXc7w1bcn6px8AdftBLh:3lz++JxGaulz/AYNxldVB

Score
7/10
aspackv2persistence

Malware Config

Signatures

  • ASPack v2.12-2.42 1 IoCs

    Detects executables packed with ASPack v2.12-2.42

    aspackv2
  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3e4badff2ad5982fbd21f7811efcbbf6_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3e4badff2ad5982fbd21f7811efcbbf6_JaffaCakes118.exe"
    1⤵
    • Adds Run key to start application
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2652
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.youtube.com/watch?v=vsd3g0h_vs0
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2832
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2832 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1612

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4c23605d7992363733bf357801cbe778

    SHA1

    5fb564348e03fe7efe31f8dd7b3471ca5a681e04

    SHA256

    eced8fa92c376ab5aacfad113330716cbb7845b46c650ca4eead04417ed91d18

    SHA512

    d27afb2d1f8b7f145b46f08dc76157a003b0307e1fd6a470cad4fbaaa67e4a7fbbfb6a7aca88b7261de0b4af1d0383d4381762c1bc65ff44f89855dfcb9798e0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ae49ecb18bcdd8284f06a4105030fac2

    SHA1

    7f3493a65e23212dddfde78e552c37b617be6403

    SHA256

    7e7b86444045b26db567feefec8ac98f2eb623ef8237f371222803389a795954

    SHA512

    3b429c97dd79a3c22838b40ae262372e2954c5ed03ced3e8741c8667276b33e963f761c8a98e13ef7eb8f132881ba453e5a0d10025da9a8a71dc098933fc4d91

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    70ce7f9b7f4e50ef3a65422d2b17f4c7

    SHA1

    fc7f0e0c52fe504c65e9031f980da970062b34e8

    SHA256

    ee71b7d155447cc7ee7d8d648f8eb2ea52becb127db0181899950d63c4971d70

    SHA512

    870b4d7ad6bc05f94b903c81378ed5d2673fc5e2beff7ad4aff79a08d3b77388ec7c6f8922904568a722d6747f5ff47393803ca576cbda463ad800948473f6a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    80baa9e757419a1b5214bbfc6f2ff5a1

    SHA1

    495c9429c791b9d29f7ea0a7b901cbef381269ed

    SHA256

    3dfdec990998881c50476d570a7102aba466896b1a578269c2d73a4cf2c3f57f

    SHA512

    d999a14a4bee80414ab36f811b94667d2ae0bf0bcb721bcf29b036c999e6558a631847dea19b78a3cbc845d356cdad3f26ee6ee05d732a05a690a686b16c9303

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cfbba25c62d86bb3c3dbef40f91187a6

    SHA1

    c1b23b9b92c5fbb86d7c7666b0a09117397d032f

    SHA256

    1d98b59598122d92956122564e6a7a376a4409a425751f876f953d69f79d576f

    SHA512

    3c26bbda4d1bebc595a0cdb8ccd872519d7ee89d4c288031c6e714249e401cdfb0cfae920844d5dd6cfb4a722f03896c52feddc92a4b7101c3c519e60d13d842

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    876445a5570fb5afdb9a320f96e09bcc

    SHA1

    8794a4788cff1cf1c984ac733b8d375c233dd43c

    SHA256

    30e4d9d8776fc3f0815b1b2dd07eade71bbff71486f835e61a1b918fa1e1652d

    SHA512

    665b4e2fafcb06ac765acd8d4ff6f58df57c89150dc6c6c8f5159f3a4bb2a8de408963e16782f9f826154843569eed6a945da0a2b0a908e03d25625eae50b546

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e78cd84273705c211e30aa0b5da4bb6f

    SHA1

    205bbbc4ae4478f6f1a07b3911ae545dfd49e811

    SHA256

    5ade0103566dff58ee8319d6951175f33eac2dc4151f646846616e70c388db3e

    SHA512

    2894c7118b754e39576747bc8f93c38a7f01b918a156769524e8ad7042433dd14f4d2f2f7c60d59246055312a98c213ddba4f8fefa0449cc66b2f774520d9e2e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c6725e07066ddf4332ef748128ccf516

    SHA1

    8cbdd83e45d988f5e776d4955acc749bdbbaeb09

    SHA256

    c5826d5d7d59c94b449ebcdc9a4bc5c516105e3cfeb0d329d71018cd138ceec2

    SHA512

    490a79eb68a90ec95adffc9e38f1e38cd54abaedf6ee36de63ed84c773058d89d9f0258fcb207ba6192ec0e411dd7940954e5b1b954e074ec777880725ee08a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    38dae6a0496236666ce180b8b485dff5

    SHA1

    8fce91dfa3e6174e7eed9c975c08902d185b8ca4

    SHA256

    668d0424a1c7fc47737cf845410f53b0685880efc0ac9a4dcda67cab27f73593

    SHA512

    91dac35edae6b8c475918a16c3874f2fd1f041a0e151d5cfea68f0e4cca2382a93278642be33d0c52d81c5a74d0dd06358c1df9d6d5a9326d5a60dc47b0a4bd4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    34957f6322113f034b19b3ddab942980

    SHA1

    4d6fb56d23d7535924f751075a32d7b798433437

    SHA256

    d4b16daf210edb771b22c884b419a25e636a88d556cf003016f0eaf8e82db97b

    SHA512

    636c4535d04c2a447a73980ccc92f34a23e262f35d7ed00181c7b70c62dc7430797d6020bc1da50c0888b661e3142dea9e869823d3e577788c0bc4d5b0cb8b25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    890191a842dbe5febf1f6301a5fc1174

    SHA1

    df201aa0fa4b68cb9a5d6c8b9379c8d9c54b7efb

    SHA256

    620f57c500a916fe076ad8c4242070f08db2ea4873fed729e567a34374258fcd

    SHA512

    4f8896efb9fbb2b3e3c8973be172cfea8cdb5a51f2ccadcc6b296ae3c6cff5584d15bb5fedcd61d9eaebf955c32826684401180d6ac5262157af5294db307574

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9125f0e9ba109bc447c436b72da78fc3

    SHA1

    4a42d5a3349bb745ee51791733e1f19792258611

    SHA256

    ab0d25f50714de6e6475ade64d7123fa7211f562b2a0a2fc9dbcf126b070b801

    SHA512

    86d6c1f02da142f5b13b53a40722cfdff305dbf5ac5d235055da2ed6c492d66d194694f5b44283559d304ffea164e62f27921a10c33819e6bfea6a3aa1b99984

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8da60ad3f50973f40cfeea0a918363f1

    SHA1

    3f4495c9e044b43c4fa59037b5d4257c30022e69

    SHA256

    6caf4645e604f65c941f43dac070ba24929d0c76d00d2109639d7fafceb9624a

    SHA512

    9727830ab53ccced6a37efcc78e1badb20047880123229d80418c8026badc6a33c5a863e4a59538d7fc405f578bdaa0bb733533a8b8e04e93c1c5bc81d1a6c85

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6131d658b0b945e65f2d124df678a9e5

    SHA1

    c72503fc4dc2f1c6bf427d7cb73d90577e6a9b91

    SHA256

    76d5757dee18e2e9707ac6d9aa9cf66a9b3194f6bf5f4a29dc941e4543a86b7d

    SHA512

    acd12e1455f59e1ef7ebd4df6f92417600545fd69c8accc167575807715c4989c653519b656d718efba7b6b6c2ad59351f53e35faa3753faa9683c379fe9808d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    12c61e05a2a72756a814f332e3f88387

    SHA1

    d26a5e568551cb018723095393cc0fc3c1fc29a7

    SHA256

    3004907588aa5ceb78efff6d56b50fb90441f447af7497e3ce411347f66a3256

    SHA512

    fcf8c1f732440d68af5e118d60708084bc94cc0ba6593aff6b6ed2d93c935730be55f4018f464d130cfc681383aa92b77b6d6cc5f1baf4e8f41247e7dd6bf43c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5065afe52a745be90970dbdb16b06cec

    SHA1

    2f66a7440101fc5e7bb8c147131ddb89fef05dc9

    SHA256

    58066c6c04b2dfc674f6a189721e3a94478494afe74a218fafbc48995540ed30

    SHA512

    f7b33b942e899c93343fb73bfffef5bceb4327bcea9ee591bd5bdc33ab948015b2665c3580b49a7271958567b7048bb34fb5dab02a69065193279f366cd95e6f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eb48ae91decc1bebc596da6ba357dc65

    SHA1

    5fb59739c590d565e06e6129f6481f40f51128a1

    SHA256

    8d8f0eb7ce26a05115f694cc2de12da1b7310aebcf89620b9404820fca50bcc7

    SHA512

    268539631cfd4bbfbfd2cb5656b6f4036f72dc835bf410a2aea106242c02365936ad47809d7bb825f70379b0a6688365e91aeed384274c41fff89618c8aadf6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d64c640f8411c30cbce98c1ee368a6b4

    SHA1

    e0f18b269f7210363902a4066cc72108527c0f3f

    SHA256

    a9776799181509ffd19fc140197c2602615e5725186c337fd1354d40e727a9ec

    SHA512

    d6ea9b49402d7af0136ede07711fd185d87ca374331627ec1ef18ddd8bc53f13404e4348ba3f2a4e1401c5fa61d7d1a50d9e86502380f6412ec8b62d1ea86d3d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6734961bbf190e9c75615a8574f076dd

    SHA1

    6faf6eb793f12cc09f2536a5e288c2140c1cab1f

    SHA256

    089aa72b90f54d9055d3740ab1c7e278ce31dc171a5745c232764861367148ce

    SHA512

    c631a0f181a4f19101717e671ab6f3106b9a9ed6127db583e7af017d6a950e9057f4983fb2f3aff8ce7c589aa1bd734602383efbc281e3302b34500047dfc7aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0fa7bfd2224ed357bcc6d4a286a59620

    SHA1

    8b14de6b54fb4aaa40a020b83b2e0dc08533883c

    SHA256

    c778cef26e2a1308aac765f787ead27ceac24f4c24978d39c6eecf506d3c94f8

    SHA512

    c8569614eec2e20b9c4397380907ce5e4b1e4949c62530cc002edd828aadbafc51ce5045e9f53289ffc6c914e70a9a22be7fad68ccefe61beebd1d7fe3110bf3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8ea1db658328db206edb62810d0c0f3a

    SHA1

    ce8172e7fe2c190051bec3d1a09f5cc92f26a89e

    SHA256

    530ebfbaeb874fa7194205eba5d91757ee81aeb0420e38624134452aaa64986a

    SHA512

    43858b916de4adcc3a21ca249d849b742950b6f446b49c81d27b71914e32866cb068634a7ca332149216a19dcacdcfa32cd520558da724b81823d88e224bf26f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4075635dc06bc6061159c20cac07a342

    SHA1

    7ada5b88bf3efb855b3dd7edffb285d5da8264c4

    SHA256

    10e3741eec15ec03849842f3e7dfddde16014955674707fac8108606913b5617

    SHA512

    61933021e9770c5859b8b7bc6fb1c98c114431b7c7fe59b1233b7ce9fe895bb64e271cbff83db623320cc7d8522732e472a021f2752dab129b7ba362d4e1199e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\c2sxdb0\imagestore.dat
    Filesize

    1KB

    MD5

    634928f18cb8d3d7c47bd4b900a48bf9

    SHA1

    9890ce3d469d72d68031098842644a9bd1755d3f

    SHA256

    b044d37c2a99c52afa0d2f92dbaac77c2543b9fafe1a483c79f18e1f4f87b82f

    SHA512

    036a577fe402a3a050585d03d12e4b360c7a71da9080ddaf582e6efe2c91c76a06949b35e1b1b052d8f71ca01337879a856d6093f3542fb0324b697f5a174eb5

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2UK8J8K8\favicon[1].ico
    Filesize

    1KB

    MD5

    f2a495d85735b9a0ac65deb19c129985

    SHA1

    f2e22853e5da3e1017d5e1e319eeefe4f622e8c8

    SHA256

    8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d

    SHA512

    6ca6a89de3fa98ca1efcf0b19b8a80420e023f38ed00f4496dc0f821cea23d24fb0992cee58c6d089f093fdefca42b60bb3a0a0b16c97b9862d75b269ae8463b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9187.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar918A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2652-8-0x0000000000490000-0x00000000004D6000-memory.dmp

    Filesize

    280KB

    Download

  • memory/2652-1-0x0000000000400000-0x0000000000483000-memory.dmp

    Filesize

    524KB

    Download

  • memory/2652-2-0x0000000000490000-0x00000000004D6000-memory.dmp

    Filesize

    280KB

    Download

  • memory/2652-0-0x0000000000020000-0x0000000000021000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2652-3-0x0000000000400000-0x0000000000483000-memory.dmp

    Filesize

    524KB

    Download

  • memory/2652-6-0x0000000000400000-0x0000000000483000-memory.dmp

    Filesize

    524KB

    Download

  • memory/2652-9-0x0000000000400000-0x0000000000483000-memory.dmp

    Filesize

    524KB

    Download