Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

4777733356...18.exe

windows7-x64

7

4777733356...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    15/07/2024, 00:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    47777333561c2375857bed2c57d28ae4_JaffaCakes118.exe

  • Size

    164KB

  • MD5

    47777333561c2375857bed2c57d28ae4

  • SHA1

    941c7838b11cf9527b4830b639b5ceb713799b43

  • SHA256

    bf9d9ce71dea3f440e3ad515f80e77500b67dd9990922fda08ab091430e4646a

  • SHA512

    4e759fd65026ab22b3c4fe73b7eead5b5e6e5ffa385f76575029e349c0aa523517a193c7b46b9e409a713b5c5fad306d89a41e6459d7088f9c761869aa5cb8ef

  • SSDEEP

    3072:SWoGRdx9XEJ9WSJMDONLEJcP9sXtl+rnIGdpzkNbD9QAwfJp:SQx9XWJMDONLuDanIGdpzgo

Score
7/10
discoveryupx

Malware Config

Signatures

  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\47777333561c2375857bed2c57d28ae4_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\47777333561c2375857bed2c57d28ae4_JaffaCakes118.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1864
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://127.0.0.1:8081/exitpp.html?
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2644
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2644 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2516

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2527ef4ef69fd1906e65e56dcefbbaad

    SHA1

    6cbb39d77dccbf5dbc473d1998d2e2cfa8c88b53

    SHA256

    a22ee6399b2fa01fd0daeb3b866d184d181609edc4bb6f0c39756a14bb7e5735

    SHA512

    01c3781e561bac89267c91b5dfc19c85265af7acbf272fa822e16f6def011e0a04d8ae30294366e178c00c481228db47d65e82833509578a32cde5e5781c0a3f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5232910bf95b713d17b463edaa7360a0

    SHA1

    87119274a131565660f103e2b56ae894c754b173

    SHA256

    d2d013ebc743f28e3ad01c373142ce7ae2504d109ba0ee7b0f7459857615d9ff

    SHA512

    3b9324448afc449bd63c9cdd4ce0d1ee66d9c9d255a53538c8bc826ab1bd65d9f93da97ff06c76f63368c75dd7d97ad3dd83b2fd347a32223411b91800ab46ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66fb07ed8abbdcb71ef4821cb2b795aa

    SHA1

    82bd495c69344f1989df1afa0564b01c7dc2384a

    SHA256

    c0b28aa22042e476085b6f06fe65735d17d7c0c77a5c0edbce8d90c6fd73beec

    SHA512

    f7e312e96950ef5eb88a20799b500c2b6325538b24016eafb63646878233efe3c2eacfcaf659d989bf36aa4cc9a1d18d3ad5fd3427a194853a84e1a16717c27c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    596e2e8e80ba393091e52add1fa2adbf

    SHA1

    c885cb8d942e8eb88a320ad2511bb382243760e0

    SHA256

    06959d2575a12700a0e037da0a86077fc964aac0793d05e5e96d7c6338e17972

    SHA512

    e94bb1f05ab4e5b8bb6219913b646a458099c42e21dab6ecc577d62c939d177fcf8c1190032109d2d90862834cd2bcdccfac417f310eec462c246c0e88fbfda5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a37fe77d500ab58a05643578a0165f09

    SHA1

    029516234a702a32d13ac47e3f63633405380136

    SHA256

    1dc67fa4c629338c0ea9549242de05561feeaf3a729aa8a9922a0355232445a7

    SHA512

    1f439cca6b9b99b95617bb49b226fffcca357ef0c0d96580c6240e2c7f16cd346e7e15a5b81812ce8f214f0902bd86a61544994a0124077c69440abcc62721b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    46c93236a953042b0c0a8aa14031c16f

    SHA1

    e9031453b695979e930f7d77361d8eb36564c794

    SHA256

    24eeddf4366a0ad31886bb03c28dff6d8d67be4f90f0e365cd6e2436d9cc793e

    SHA512

    1f47065976a1558d8fcb91586f282411238d5a8a46b1471b0e83f356dbb53e88fe52577563916f7b36d7d6c4f6ac61d568d483050df5156b687307db639bcdf6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cc4b5aab71bed8576430e4fb08a7d241

    SHA1

    847aaae3ba7b06289947cef9f0828d45eca3f427

    SHA256

    c7f62af239b40557b23243a15b1d315c06a3db7c14305e565cd3952fe91dd425

    SHA512

    4f024273fc3e69ac3a6de036d8d44163082206b9850510e145eb4f042a961369c3d197a725a4187e892400c317b9a657ceeb87fd62c8c7463da14fa86884a214

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ccd566deb42923bca97979a831c8c441

    SHA1

    76bf7f15964b27863aa40eaa8c9281cc385c7304

    SHA256

    df2aea59c8275c7bd5acd0b789ce20496c6e7ab23409fe0ebc3a72144c813e44

    SHA512

    7ea28435f43d4eeba8c8151afa7729bcdee8c7ff770b581fdf315408cfd8d2d408a3369aef4c66d088db0199da81b48f084eec82081c70c24610a3cfb0617082

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3aadedcce9c4d75746ca26cb3ae464c1

    SHA1

    4518efbe3477815cc5e5415d5937fd566a7de02d

    SHA256

    ae3f05ee076278def640c3b2f70328ee123cf0250a4e534ddd3f89b86ed03231

    SHA512

    5aaca9f22573aec93d189441ec87cbbb0ab0381f1c7b6651b3402a50312989cb121f7f984ed8b07b9a4bc46f0ab62597b61f46478a1edf0c38318ed45178aace

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e8d954d518514153ef0a163e2e88fb20

    SHA1

    c15410407c7b2029cea95b73b8fdb778102ad5ed

    SHA256

    4c5da9a16d7091368e539d9dc5d2544bd30d35d06ba093df43c5e3a57182e8b9

    SHA512

    0514b2bc478bc9afdb4c3ae4552a2c88c911a7fd7ad974c66144649991b8200738a4413556a7f4e110f931b5c7982955e8f8b2072e5077febb3202d764d64d34

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    57006770a7078eb5da52010bab435f85

    SHA1

    3dfd14dd04ac6429885f793f1912be3387611f9d

    SHA256

    03fd3fc1402a7da5e2cd6921e453f6b2dcd0442c538c5c47ffed3e730f86cfb5

    SHA512

    5d1cccbd9c022ce8344240cc62e36d78e1447decfbce71d0414a575145f4684b80c742a1b2f7a9159e9d4b279ca64f6945737e117bfdf60d92d67c59643cb28a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c79d76495dd8180db07e709e1cf8fed6

    SHA1

    4e1923ccd72a700a6e9012ba1e6eaafaa8c86ccf

    SHA256

    dad9870fe2b10aafa978518917248d72213cc292565c10515aaf5ea1efb3e6f6

    SHA512

    d217298e16bd57f035e655bbd778a12b43796e53cece29b591742ec65e07d2799cfa2f76a4986db75bf391c65a9544dddb045a115bd09ec7417d5d5fc2e633ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a009a6b1ce963708e2eceb26cf17fb0d

    SHA1

    cdcf07d7e36fafc29f4160cb5be6fda6e619f7ce

    SHA256

    9c2a9e439a6c8a11d2e327b89088f952aca4b2fdc9ccb1cc7ed5e25b61777f0d

    SHA512

    10838c3f581b835da7e9788b983267cf8daf8dceced748e0dcf177d844024769e120c6187509845664076ffa91a3bd136f804c100935f051425946bb5d26259b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d6f0031d11cbcfc1e1b488e4606ebff

    SHA1

    6391d82441f23efb16642c6729be802514aebe6f

    SHA256

    da618afceebb644be4b3ff6530b6a9c7dc70fcd99ccf506e0e96dfa8758a1c0a

    SHA512

    f36304b4800d165fc9fb73997c42e0ed47847fb2971d83c5eb3a15a74506475bcbe0d9fced2375e04a4ff49be4a4c86ce1485d3458e2545386e2216bec0987b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    38550cbd2ea141b765270887fbe0abba

    SHA1

    74fed3a46def69a5b19e746c1b8f25a3cfca27eb

    SHA256

    896975f8b6bd5a9128f7f0c83d97a1f178b65c7cdf15e9daf79dc0c70b2140ad

    SHA512

    f6556958d855097c0acb83411fe72e252d54e1bc969322f34378caa75b82f29279594ebf556f362217885bf367ad9f84ca92d1de3088ff208bdf7c5b66c5f9b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e3982c3c139dd125a039abfd47e3c5b0

    SHA1

    1bc20e5d051f045516d7652d00604d07005d90db

    SHA256

    93eaa62fe578b64be338b4ad1a54eb35252df28b4ada8569e6e0c3df7929ff4f

    SHA512

    9c2b2d6b9c795dc99a2bcb0dde184efff1751f43002d2e394f47a9c6a6ff262d31eecd6809584b3cd4d96acbc585b8f8148ec88ed78e1de81bea29cbdd68e08b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    30c516e354d96371e047af6e5b1de778

    SHA1

    53353e16abe70475f17334001c4ed47e3fede75b

    SHA256

    3225d7b365e9fde68c89088410c59028e19352c067e8f0833126d31c536f3261

    SHA512

    9b82764fe06d0ebd084675ec0701ca17232872de3d03308f1e19c7db6b957bf1570be7289fbee0671b41bae776ccbb215438c1a965ba68ccb8aa585f577cdb4a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd490b63a4c111652c909eadee14d52d

    SHA1

    926fa921beb96e0456128ca440f22ca664f330b7

    SHA256

    a6455fa8463a201bd2df162e40bc76293d3853b81f8608885cd734812a705eb8

    SHA512

    fcb853407775f0562e67cd610af5f9b051f57b3eee7f36bf6652fef1c26cfa35a79716284afd90ada8bcd1df7618ba34502fde284a093b59a9ba002da9188bbe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b70bb87af33d7bc18ec394dc854cd98e

    SHA1

    0949fae27fce037c007f74fe6271371514ef7076

    SHA256

    889c4826d7303c269358ab2e07f80f909c5cc4833a4589bf26ad0285a05d8950

    SHA512

    4581446bbfc8514f83f160d683fdad4d39fbedf4eb962c340a0a3ca1152b038e11222a9a473ec12074b4a9897a2024f0318c1d5d15adbda41f0ea41050f5530e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d48de96d55bfb4cb23e8673021d078f7

    SHA1

    e3fb146c7dcba50f438302b82ff348be355b93ff

    SHA256

    3b38a5dac8f4b7e5254bf285ea8771239b133f8ba8baa80617c51836314a5a10

    SHA512

    85d0ef4dc09b17a54bfb63b94cff8de9dcb80170aa46d344526f7a41743989ccf1c3b6f53b06bfaa7350f3020705f5868822d59ab5e78db426f3da434034783e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab46C3.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4724.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/1864-4-0x0000000000400000-0x000000000048E000-memory.dmp

    Filesize

    568KB

    Download

  • memory/1864-2-0x0000000000400000-0x000000000048E000-memory.dmp

    Filesize

    568KB

    Download

  • memory/1864-0-0x0000000000400000-0x000000000048E000-memory.dmp

    Filesize

    568KB

    Download