Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

44021a7b72...18.exe

windows7-x64

6

44021a7b72...18.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    121s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    14/07/2024, 02:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    44021a7b7288d6216a9bea8b343e6062_JaffaCakes118.exe

  • Size

    536KB

  • MD5

    44021a7b7288d6216a9bea8b343e6062

  • SHA1

    fefee460b0924c8beefb787985a0d6f5a4091fff

  • SHA256

    b1602635646805de5fb2c4282769e0a8c482f74b9ae33522f2b5c6b1e2e46539

  • SHA512

    e672d3c9ee0831d85486d16f5e39a4262d6d05de15dd4f73d110b952df6f97dc78d445a05adeebc1fad800cea0c724b5c565ee17ddcd4ca2e4734b3b3c04b72a

  • SSDEEP

    6144:2jRuwI2ET+JxsDqBmVg6bHvcu8iIZZVE9j+jHosfLKQNd117bDkOI2XgXx5v3X:8cw/Nk

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\44021a7b7288d6216a9bea8b343e6062_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\44021a7b7288d6216a9bea8b343e6062_JaffaCakes118.exe"
    1⤵
    • Adds Run key to start application
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:800
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.youtube.com/watch?v=gOO_UqzEc5Y
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2088
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2088 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2152

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    803912c7a056375c174f62942c3d0f11

    SHA1

    bed9902ca6d47ccaf1c19f7b979517365eb4861a

    SHA256

    1eb2d3c7b29b8973520e11af69051b0f3f9b572134cec33851927032ba512ce8

    SHA512

    17f0f0176b37f8105aeff525f86b2b6ab7e2797fae01c5ac54ae7f87600073f63ac0939629c8e4ab1c41a82f49075f75ad52f3141644eb9056081421ace8b3e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7423325b6df1ef0d2e2ca9bde0db33fe

    SHA1

    4664eebe87bf6ea375f4102ad45b4f58f2e62c40

    SHA256

    6a1190eb5e5f1202d000c5007e0895c4a4a6a89e5ad333597900fa7a2da11968

    SHA512

    d41495fd39917cac1e7e3d520303913a99947ef001a74e7abc568b4047e49bf579f4524e9ed4582d936b6c6fa399ed9f88e8fc6aab640e1c87b2b90860f3823f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a17372264f867d9253db63fcfad39de6

    SHA1

    aff669101b3a6dab49c315531dcbe5962014f84a

    SHA256

    99069485eb058732fc5403f86e1397c3b21e95ffa9293082181c1f0fd1d452a0

    SHA512

    8c8f3d2269eceee1f2a290f0b9809ef84f0beeb84c773c43cefc1218ce9427c42e4e5182f096a724fbba5757739e90ed329116261a1f362169ea4250b5aa92c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a45c35c25532b15ab825afdd6e4af0dd

    SHA1

    a54cb202063b69dfe1205077862602a74c65eda7

    SHA256

    868dbebd3cae7d0e9e0a76209ed4e641d321a067bc9d7c19d3929a016a59ce0f

    SHA512

    a62b886ab146a68a33847e1edda6a883d81184b21058365d202884046e7e9223a0dcb2f7d97555f93cdae4ca05af5510afe0f1f31f0a76ea2f21857eced3c967

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    662f4f996bf33237f08f7d94a7db3b1c

    SHA1

    5cc42c4868326a630da8dc6377eb5b3648f921b9

    SHA256

    e698b2a42be61b7e8d59aded1ee515407c8292ba932cd6be6ef622340c1c83c5

    SHA512

    b52b778e20a9c68da85e2f6bdc25f2306b4b6ebc2fe2f3460fca93f2d2668964e70ce0e30d3b73b517bccdacf37e7b072727531f12ce557ef7f57652a2082ad3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6e14d675600f75fe550a695bf77305ad

    SHA1

    46f80dfe08b91c67e2f396adcb9881880b18f081

    SHA256

    5eff0370b08a8fa8320feed8718f7557928a96725905f8636ef7f395a0be8ca6

    SHA512

    610293b16a9704bfbfcb2a74828ee30440d0a19144f1895dcf93c2977378476622c517468f8265cd2c42b988cb7ef97c2d8d4ae4f8245c97b873fa50a9a9847e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    12370342b5d4caa25675892194e3fa69

    SHA1

    1d9a84293fd38b6810681e4dca689450dd25d2ab

    SHA256

    9a8137c089ab1fccd6950e797b14a6e9421be93bd5903a0d9b29d3ce9430bc7d

    SHA512

    fa14a6ae2036afd6b56d5084a4c2bfc2015f100342a1a178b2d1fc3662daae6b2d3724a4b497923c98bdaa2e2937b6d7f983f1c22abfece1e4ea1a71a47835b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    574a86e530b6f24d3756468219dd6b7b

    SHA1

    420cfa2a37c721eb0a66e39ee9cec7956532d184

    SHA256

    e5cfd28b21a2d7593d4274d0ddbabf9cb6f675a685bdf151bf150603f0e21abe

    SHA512

    eb7dc0521d51ba2575406407f10ad494190a0d91c375fb103b7e5c1f6eaa1e7773da86ecad129ba1e0349c804f1e73a9d548226c7aa3d01c2266bbdbe227795e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8e0111688814d034bb65f0d39cb2406e

    SHA1

    c7938754cf260ce897d84a792224c66afe89d03c

    SHA256

    2ea3d2a2387db6216ce9ca4c4dc4fb584daa4a6d7dd9715c17f6f7823d593370

    SHA512

    799444e66483f7a56701faaab1a81592999db1d9602777620441fa31cea527dee0bf05a894b6f4a1b2763a789aa8178ea2c38d19b98cfb136420c1e23d4d7fc6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d1ada11b9d9c6b04eb596831e3f45901

    SHA1

    b19269d512ec13fa48dfdf08833fad08093efe42

    SHA256

    63dec6ad0bd50cf84fd05ed541e6a985da6b0273555be6e91fb7ea8643e7bc3d

    SHA512

    e6b36559f04681a97fb747bd4fb2bd65e86ce7b86722e3a4792e4c9801f324c011a92bddbb9f7116331d4664e9f1adef06dbf1715d6e3378c365e0eacec6368a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    28ec37d47caecf69c3723b4371a00a15

    SHA1

    41c5cbc935f7dc99fe68fcae5cd9d819ff6dbdb2

    SHA256

    17982d9457d53f807266f158982db65dedefe2699552ec004630f4d3c687493f

    SHA512

    3674fe16f0263d3f09595506ffaae72c39193c092cb0f584bc4ea7a699e706cc4d9b86d17e77ff643b9527e0bed41dd206923fbd56b1592977ca90abd6b5f38e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ec5aaa377ded87dfc0f171fb1b4af280

    SHA1

    63f9cf47f46e0b4652df2a852cdb43d8af039706

    SHA256

    0ce17e6c146e6f6a927b421be0dd30c1aaa8e225a20c94a08c481bfa2d4dad81

    SHA512

    610f6ee7e35a6999c56aabc5a145b5b2dd8bf8aa8fb14963e720a596b892de1fd54ed02278a60026344145dd56efef715f13a70376448bac38ea1e78c5cf7df6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d4b4b4aed1ff235a4a43458be2e20c62

    SHA1

    ac7b0232775e49ed54d87a8079ac1ed3ea848bc6

    SHA256

    ea454777551f8a4ce1ffd7b49d6463ac17cf63b10c2797ed069c2bd30abbad1d

    SHA512

    ac03138d1842eef963932ab1d72b3e8c8aac9af7ec4ea1638b917be8b182d259ef8801c5874fc2641cb2ef34030671bfa0de51d4b216fea5ef9064a71c95a849

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b023d3130a88058db16e08399518f57

    SHA1

    7a1243ecd4d1f0eda212f4d8af6ca6c74c82e2e2

    SHA256

    135b0105bf6c61d886e9d6ce182ee75848a2740d2cae4a0d51a9f89514f899c5

    SHA512

    80d8ed1045805fe0292ee55a3bd1724bf5acb73c90a5388e41cd6cfb1ec241bb2f38bf21954345ab96074745b1a9c321bb9299997867a16c063f9346b94cbf72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    755eb66493ad4352ed11b5cb86ab1ba3

    SHA1

    e1a206de71866aaa8f6b9c2bdbfffdc1044aa884

    SHA256

    4d1a6c682a1b64d8165392c3f04c8a91fdea80d2a200018518a7606a8ff2c395

    SHA512

    51f889265573eca08fb4bec548d2da56ef081577b6f04ddb3790c7391e411fcc73e441e57c201eeb8811f3f96ce08c39ef6f7ec07537afe3c434937d8df6dc47

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    997740963878342bd4f182aa48ddd0b6

    SHA1

    832c6174c0fe3b9e3c056bfc6b3fd7ec803e2a85

    SHA256

    f2d69b4fc847b89b836d37458562a5812102cdedec34c2a8a2c8075fd098e973

    SHA512

    73860b84e5356a3f1781e0c20a70fd7dd40960546bde2ce5bf44fa9f9bea2660dc148e3575062eb12816f30848801b7a2578dd7a6c5a14ea5b94d4fdf9782235

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1bb6651a2004af46e22c1c0fb787ad35

    SHA1

    ec866d047fe113bda8ebc770b8b1402f7a9b771e

    SHA256

    a6686a221dbe65ec71d2d9a3b79f595708d4472adb6e9352f6ecc570f0bc50cf

    SHA512

    608fe20d263b07f4918ff062f4b0fc87fdbc9651657d79916854ab31101a431be20f0256ffc78813ea4ff6181264a1b9b45d763d1e0685ac296acc7c739ad9f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ea7a1d0612374b37339415fa89e570a9

    SHA1

    198c85f2c128731aaf748a125ab61c1265d54443

    SHA256

    4a80b238ba78654ef63677dbf8c4ad831ce99fd8315376c2b3b2dff614354346

    SHA512

    995e55423d5e01facb76f5eafb3fa65744d24e13afb2b60e5937f74470eb33e12b4a695ed247086e874f9a3faa2bf594c5e37795884bd4af8fdadc9345ab7587

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e4a877e18f1351b6e41f89f64b508943

    SHA1

    50b1c4ca16bdd377a89d4825b6fc9a6e0c1dfc1c

    SHA256

    014ec1ebda957375955349f23b3acb98756fb28921f6eb27d7f4d731d528f163

    SHA512

    26e0166946a0c73e21afe456221df316043c5508f2b3d53eb1704491233749b2ccbd35a8024733a6c1669dbe44c26c19b9c01494ebe3dfa91daa0886fc12969a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\85y7ywt\imagestore.dat
    Filesize

    1KB

    MD5

    7db0b3e6f7126d5cfe2dfe67995c8e84

    SHA1

    d1dbf7e141e673138ecc27b13615622c95c1eab2

    SHA256

    2fecc2514e7f3dc4b5131a2bec628e4dc5fc91847f6bc25e6a38ef48e903795e

    SHA512

    94ed5e7e6256447fcf6631f79adc327ffb177819b5eacc3e7a36b2ea9ce9e5aa76880d7b3c84b8c9ff2f0911b290ba1d6c5296da141deff586243c1cc10ded18

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RXRX1VH\favicon[1].ico
    Filesize

    1KB

    MD5

    f2a495d85735b9a0ac65deb19c129985

    SHA1

    f2e22853e5da3e1017d5e1e319eeefe4f622e8c8

    SHA256

    8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d

    SHA512

    6ca6a89de3fa98ca1efcf0b19b8a80420e023f38ed00f4496dc0f821cea23d24fb0992cee58c6d089f093fdefca42b60bb3a0a0b16c97b9862d75b269ae8463b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE985.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE988.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/800-0-0x0000000000400000-0x0000000000486000-memory.dmp

    Filesize

    536KB

    Download

  • memory/800-3-0x0000000000400000-0x0000000000486000-memory.dmp

    Filesize

    536KB

    Download