Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

49dbaa7226...18.exe

windows7-x64

7

49dbaa7226...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    15/07/2024, 12:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    49dbaa7226afe42e4e0f793087ce774a_JaffaCakes118.exe

  • Size

    191KB

  • MD5

    49dbaa7226afe42e4e0f793087ce774a

  • SHA1

    64892bece8d61e83d02271fd45312773af520505

  • SHA256

    74b7394920909f883e18c02ffe439f3aa79ba162ae3722d743318dab20543125

  • SHA512

    237d074e2430f14f4dd4c44486ea5302d70c7d5782b01d129a7f8959571b87400aa63c3af9f08ef22ec89302ffa0d0814b81f780af6b41c63290c60bba48aea8

  • SSDEEP

    3072:FdTejYQcRkBtZy/kqtcGxekIQ8bqJLSjDexH0THKLW15Y5dyO5SDLm9qJV8Vd1vI:PWfUkBPyrtBxgQTMK0TKpxS3H8j0bN

Score
7/10
evasiontrojanupx

Malware Config

Signatures

  • UPX packed file 4 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 9 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\49dbaa7226afe42e4e0f793087ce774a_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\49dbaa7226afe42e4e0f793087ce774a_JaffaCakes118.exe"
    1⤵
    • Checks whether UAC is enabled
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2536
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.gamecentersolution.com/downloadgame.aspx?CID=21157&AID=946
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2684
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2684 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2348

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a7e27104564dfb4879370c66839a776

    SHA1

    b5d01dab23181ca9025f25312018c0931f29c8d3

    SHA256

    05ff38b56a279163fc58c33d51b377f23ba4d4ddac20df62486f1408c86e3362

    SHA512

    acc5f11c87dd4b443187c440fa68440eca696ea617354c3757148247447e32085168118445586fc6691ffc8166f662a5d898c6f502342f94df01303e759c459a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ead6a6a43207d6ee5abe9d4071018002

    SHA1

    c394bcc29f1fdf862e261d0bfb07498fc7819b81

    SHA256

    0522975585b3001dad328b9a87d3f3fff1e495538c1a4a181c4a5de70e516c39

    SHA512

    379edf4648b65bdb9737b2e278354dac5ea46a1089f402c2811552e8ba1d19a233c76a5d6d4263fb4e127e5cc79b5120df6c1a51dbbd377aab9d1bd0d4e08b22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2c007529215919e99504ab44a243e132

    SHA1

    54db3341d3232c84b63821d3455ac6f4c2758749

    SHA256

    48bd57f237346bd2603e158303ea4b982349d7fd985744fd57b6fb16fc1330ae

    SHA512

    bb5e006306a1142b4e704d8aacba1c2cc0257b43ac1723ba39db276c8c63a92de2c6eadb55dea4f2a609c793c1a8c3fa29a7194c715a3d5d453036bc53cee25f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    89e6a1fa1999490b0db6f48cc3fd1728

    SHA1

    ed7bb2eeec3296d6db10104db2c2fe3a78e3c174

    SHA256

    03f90331b8a8f1cacd27ee4f38f79006659918b22c2a684bed86ffbaf536df46

    SHA512

    85b3cb97759cc8eb46c06d8d6aaed5f3eca6a9b81bc1911c5841d70fa74498c55181e51feff148c4fa7873defc4611ed1bfe5bfbcb94375e690539fb6e402e2f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eede2f6d6ced4d6b3d3cad527a1091fd

    SHA1

    e15aacd628fd680287dc69e9c86bad743939bc1d

    SHA256

    e9395a6820b8cdebcfe4796097213ba9e3f093277dfec9b1a3006a31c93afd68

    SHA512

    cbdf8645844b59adf6af868128d3142bdd04a29bd71f4673c7590177168e9af2c0d65bba4d10d270e7bab73e8087cbeba2dd7f19803c7d1e783ba0c88820bc40

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    08faa99036675b4e9576ee6597f0653e

    SHA1

    7167f456dd3df8517eaf535eae1147dad9aa3784

    SHA256

    45102bf88bc32457c8277ed1c4f435d5d39188c07e89f561e56e223522711bf5

    SHA512

    6afda37752122f097557d7b839fde25ca571eb8d6b9c1166b979f1a1741e30a24c1cc07b2977e9468fb653a3b9393ba9e11bb240723dd858c7d918334fd3dfee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f06ee4de02861d9c9a7d2eb4780892e0

    SHA1

    a2aae7b0682f3412c87790c908efa2b7d907a6c3

    SHA256

    60d7a356f2d5c820fe00b3b6c33b669cf4149db2cd1051806bd28fa8d4aa1620

    SHA512

    f080cfed87f0be04ecf34b6629b3ed3775d0ca317592b57a8318c9a5d3b3cdbe20152988b38d8702dbbbfbb7492bfc38c7800d957a11f9fb37b0a93321784976

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b7345e3a6d10e436d839eee54f1bf3f0

    SHA1

    17fc34035b6ece81c003f26a6fd5a245fbc51d4c

    SHA256

    d56231688b8caf950905d8b4aed6307dd93f3f40a16e317d61be132ebb028b9e

    SHA512

    739fe9d8230e204207c0778c790721cb45b2ca893c9d1bcd4d1b38e1dc34487a596e9d215f2ee83ed6c08ce816d89d9538f762f7baddbc0359fb4cc426d12669

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5e41b9e860ea1591bf7003bc0184e4fe

    SHA1

    0ea45b673e12bfde610543e42f2e3f5cfe1e1f51

    SHA256

    a5b600ad6ddfe41e3ccfb2dafcd31d4bca7ab1376b43e579c48e1033bd386eda

    SHA512

    45c40ae84a5d4815b146a74157eb0442324d18cd8280fa0f2d89b48a2aab1e1cc9e7a380c64d505f37ab35b73b481f592339c5ea7ac899a25a30c9a0142e19f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e8d5430f1ad101645f7ce611157ad51d

    SHA1

    19b7087e5d9f47b8da47174c56abba6cd264c513

    SHA256

    695737c5928afac7da22a1ca60515e2a039433170fd55fe16f8ec59619f6f8e9

    SHA512

    160e3dc09b3bc0927b33f694f0dc9d4e957e06b09a11cfc2c9f85b9203927ed9170f4c5c2151ac0190698f11704f171ce8edf5789864fd21203b42d0a30bc11a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1fd5df39aa6268cb87ba3801db3cda8c

    SHA1

    058ae292c480e75da55ca10a3a162ec9252104d0

    SHA256

    92c3bf23603060baccffd8a7cfe695022756e05f816fed70d70f227bfac62382

    SHA512

    33842de01b5c957506789cf852b8ee83595695ce6c7feec9a019f67e8d7182223c890be93ed8e0753843eaa1a13dbf7a1a5851f5e4ea1da3686ee581130f60c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3f010819e2b272f6d25991b0cd82d893

    SHA1

    ba56104e20f6423fda9a87d511ec374c3345eb5d

    SHA256

    bef4075f0b5a689a38f41e1ea6ccb209febe03b3e401c9150f53614b81af02b3

    SHA512

    a737638ac42fee1ff433ecac767c8fe5baefcbf2fd6f7ba3350b40c3c58b9058df18291bd3f879983acb8452ca6b04330e4941af46cdb31585611c6932c724b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3f0d54b5c6562fd200b8ee8dd3ac1ab4

    SHA1

    74bfee279962feb42fde0a935035574dad2f3116

    SHA256

    3eef01165007d88ab73f61888f330664c8dfececb65b19abbd6a7f7e6c7aace3

    SHA512

    347494f92eb88c7e44798eede3b8e8db207c6e44fefcd3bb26926e38f48dc6062d0773ce1631c539be78e275ed6cc07f9431cb052c4566efaee3f46adf54b96f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fe615a18f47a05529e2b06c02c5b3a83

    SHA1

    a03d71f42e6e230f878b4ebd44db92fd5d0fef0c

    SHA256

    91e749f34779d4844ab76de1af2b57578faea1443e8262cd003aa5b589941194

    SHA512

    248ab37d7796314050d7894598835a08189fdd678185720aa949d59b6195e9597f6965efb2bb921209601deb922084a2b2b6aea63ce7f7121dc93a1fe9361a1f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    13cfdbc824919d776eee31b115db5adf

    SHA1

    9f4a6a88f7442f002b5fb5de407e8ec283039eee

    SHA256

    4f35cb93ce0735b350673c809d06f6249433c336738d326eadacc4f3e1e3fef0

    SHA512

    c9bfa4d98936daef28fb1e63aeee967d240f3e9981de64e4305fd1a3e13282c4c5b5fec23a47057beb2a2a285b25aa09acbe1677705d801a64f91e770334a33d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7b86fa32038910c6d371255af87bf619

    SHA1

    cd29302e5a25390cde69dd89871ba1a2721a9727

    SHA256

    8f70c575a8397cb414b4ec59807d9fbdf4684609e6c2522e7d7c4724fb3f386c

    SHA512

    92e4cbe0536f482b20da32f7fd69387e6a8a938035eacf05af49010f62d124bb74d1c4cf9f88b0718b08996fd9410450cb5f9421a7b1541280457b0da6274f04

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c085acb4ef3ae66a781c97ed4d3102f8

    SHA1

    5ac85a96acca95bbbc73b13c0a0b5a3d05160c8f

    SHA256

    6fcb22a554f7bc023d993b23ef84a998884dfa891da3c03156cdd4b2210a41a2

    SHA512

    1d84ea8e4cd706ad6962c7998f3643db051f2c8fa60cdcdfeb900d7d73ed49cb3c18f47368b059de7731a5eace0eec3f8f845f19939ef660eac73146ba16b5f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6bc1218f9c57033de4273b40c660a456

    SHA1

    e7ad3ebfbbc85b0cd8455c5ba238c6f9feac01c9

    SHA256

    5f7f4a59bd64e74aa43d63f12816e49a32f9aebe1f4ecde9e63f65d35efe748b

    SHA512

    464b5c905b9075f025a32d03cd05f7f37e616b2ed3ee84d20986467d27afe8ef6070e6b4e2c04f957de585468c2abd0f480f3ebff2a18116c38231762c55103a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    389ed104dfe377e0a9f5f41514e72cee

    SHA1

    33ae6d89f668907f6af3a51d6c0bd594a50a7531

    SHA256

    2bb70cf3e3d6660a10a56e8b595363fb5ad20defdc622efd00e8c2c0128db806

    SHA512

    c0a1aa8db893c5bbebfca2914993c1c90d79f83631f2435c479e37f8add71609093cecde809a11f8a4c5268c082ceeb42e69fce288f77e57094324a47c9bf856

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCCF3.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCDB1.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2536-26-0x0000000000400000-0x000000000056B000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/2536-0-0x0000000000400000-0x000000000056B000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/2536-24-0x0000000000400000-0x000000000056B000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/2536-25-0x0000000000400000-0x000000000056B000-memory.dmp

    Filesize

    1.4MB

    Download