Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

4a86fe8361...18.exe

windows7-x64

7

4a86fe8361...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    15/07/2024, 16:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4a86fe836142875538247da9b9fbb2d9_JaffaCakes118.exe

  • Size

    191KB

  • MD5

    4a86fe836142875538247da9b9fbb2d9

  • SHA1

    baaa37a22d38d938856d2af52c89ba6f1a080678

  • SHA256

    b14431e9013c084b4b562ef1bf3dcc2502dbc0c69d77fec9acb4d58a92b7f2d2

  • SHA512

    ce9018bffc2d345881e18e2df55560938ad66c237f175c7fa947e4128e8ca68c046187d1eef0500472584ecbba63e64d6c215ec9e997b9bd7f305cca871be520

  • SSDEEP

    3072:FdTejYQcRkBtZy/kqtcGxekIQ8bqJLSjDexH0THKLW15Y5dyO5SDLm9qJV8Vd1v5:PWfUkBPyrtBxgQTMK0TKpxS3H8j0b0

Score
7/10
evasiontrojanupx

Malware Config

Signatures

  • UPX packed file 4 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 9 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4a86fe836142875538247da9b9fbb2d9_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\4a86fe836142875538247da9b9fbb2d9_JaffaCakes118.exe"
    1⤵
    • Checks whether UAC is enabled
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2964
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.gamecentersolution.com/downloadgame.aspx?CID=21157&AID=982
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2632
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2632 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2652

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    75aa84d7c9e121e115e54e02de888893

    SHA1

    f479850615dec034f6ec6b6e088a5d8e58c381cd

    SHA256

    a37dcaf2e270ffb9e10a9f2d2a2f3f2463e3561cd345e3796cafdff573e0d3a7

    SHA512

    68f175807a659dbd998a22160c68e9d5fb52f23073519c0829fbd2eae4e1fd72d29be278bd8ee681c67a3f7af55a6ba212d272a8600fe07c1879f833ffd1f02c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    68dbc81db7c6d504a17759d3294325a9

    SHA1

    3a1df626b212bf3e00744a12586154027ac2b817

    SHA256

    9eac7bb2ae7b540c5071cb1b642db12c97ae9fa149c7080f5ebbfb88100e3b7e

    SHA512

    243c722657a15cb3099cbdfb950f8abf05ee1d7f70caf5ad8ca5b26c5e11cc0e8204c43434b8d64a57ed5d77c7ab8473318b49ba6de3ed60701e015708d4a1a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    80e29d84a6f54c73b6a2d2e0698d54ce

    SHA1

    977c0dc99bdf72a199e2c8b979aab11af0399ace

    SHA256

    63e76451fb90a4509d4e9f0f02a02b6a4ec81796cf288ba56427e69c970a5e9d

    SHA512

    20200e0cac1c2077929cc23dd5687a96287c3f4fb276d6009acb23d3efc9a43356fcbf3d4ad4a9570f30c706390ccd3134cf9263da3f2f56d25c2b0d48051ea5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dba4846eb2a1f1ff70ecd1e195290bf7

    SHA1

    65618dddcf506ea259f3b44a75a5d83559cc79fa

    SHA256

    7173dcd1b4471b3b90c773d5267996f99f0658ef09d5b3c6bf397e5ef173c258

    SHA512

    c711077518b122fd3e5b676686c48359508708e2e6441548ff60f00db6b9122de1b959ace897f79d912ba6d3fad6fba72d862b377af41242b59c7e9d946817c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aff475157f7e623a37a40dfaccd67e8c

    SHA1

    06d0dcf1b7f93c145181c1db50777dbd4239af70

    SHA256

    0e8217f4b79058fc762160c0d392bdc03277fb9b73c58b093773334554ee5689

    SHA512

    0c07ed5a05eaab1ce78df1c0cb9000e0138301a715381ecebdf56e6b8aa9b054265351249b27d9df0e66ddf36cc6dca29d0442667c59a3c246430832b1b2449e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    048d0b50b185f17d2b7776e256eb2efd

    SHA1

    2105bc42129434f88d75436631d59e944cebd2a6

    SHA256

    59c1fbec4d83acd8b1aba469f0e57bd3b097c0eba84fe5b183028033a60f3d74

    SHA512

    ad3f86cab6208b0758b2a9522c3b0414e9a7b659b527cba76c7190ec4483de787551cf7ccfe62224f092465fd65799aed630d02ce4ba7083cde3f0d97097479e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6e3bafa0fe0a8f57d6fe79397dd2034d

    SHA1

    8de3240dfd69ba5337dde44ed9285feddbd863e1

    SHA256

    6f12f537458fe1a802e70c75070d3c505cc866e01a484195fed6b4624e14d76f

    SHA512

    966bf50484842a215b7895657a103481d375ff7250f9820a70fef2fa95d958f223cbc84a7545567abe9495228f2a2c9e7754a98a0b6b5586d2e08613f3221180

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1fb8d28994f3a5f19e475005fd586151

    SHA1

    89607fc7326123a5b0a47b0e2e536eec0675eb0d

    SHA256

    84d37d0c28ed384e51702ecd5acf8a0110a45783509eced617e150ba15c4f5d0

    SHA512

    2de266a094e9de32091ff21fab80ad699e8c294237e3345f5874d70e8ad0de91bf6e69bf6e7da78c851737e87740e20193ff26a29da403fda8902ed1ebbae7b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1c1ac79327167a312cbaa2a7507dca20

    SHA1

    5b1c7a694cb84963cec3792013a82f8f789f8575

    SHA256

    1893110a598c90ab40f5b1cee1419147881e3bfdfab0e64f1ebe3e0093252f88

    SHA512

    3a2289586facffddb39a9a5dddc0b634a9c527c52794e56afe62d95d78d487cca8df58c7fcb76fc594d68d4b32343fe47422b44075d43674e4b49fb4eb18d5b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b2607439e7ac85ec033ccd5323781d10

    SHA1

    626bd21c38c1f790764178656dc1fe4687884fb7

    SHA256

    d389a2b657b81b5d3b055eb74d4c877dfab29690b8549bf7620e768d8104c7f4

    SHA512

    bfece52322e8e990860d05d3c7a16aba216eee6d2206d5d8b712c21d3259fdedd79e8195fa2f9fcfe8777c81f4ecaa9d0002f826734d10099e4b371f3e088621

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7600c726e4f67a2325623bb101fcbf4d

    SHA1

    5713aa2ad0e2d124de1f77bb4644f2805a0da812

    SHA256

    680ee7d095b15f48d994064708a2de8cc55a7f3048e79c80358b078f839620cf

    SHA512

    aeead3717aef1d194ce6281ecf6628988e05d9ccbb5ad2c886ee771cd42cad4dde3e7022c31c7acc4db7fdb0c7bf5531281344c14f7bee1a9c0778f3f5153973

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7b63f2ff3bae2a623dacc7bcdfa7932a

    SHA1

    52edfa4a970becbe819c25f38c05fc90719ed2f0

    SHA256

    054673bdab1fd209f70297b5c2632f5ac894a6a44dd2489461c473ac16b64058

    SHA512

    ca7e9501b5d4fec9949f1674e8e446c0326d93379fad4ca9cfe0a2e9a6eec3a521d034c1fe564c5a07844f5f26ea42a328cbbdc32e83c632d1d29d49c82f0f26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    650646151df810601aede76a7bd7dc05

    SHA1

    b96e43c9612c69434017fc9b4be8f885b9ba1320

    SHA256

    4f2911c42ad9dabeb0b0aa00f77e32808725c6a42f070c48153554e8a1d0f920

    SHA512

    aeef146432b7d4ae222705c68326d27ca21016d9c0799488b2210c296dcf0da7c7e263fa291252faa7a1cd5eb25242918bec59c1a5a64cafab5b180d09ebaf82

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eedd7a646128ff62c42135570135230e

    SHA1

    9ebfc3b4215d844cc6ffd9cc4766182f5d317b7b

    SHA256

    c8bc3def6a50ebf8daf17e1983353edc4bb8e85fa9cdcc9abaaa9ad9dd0a7ac6

    SHA512

    0dec91e00129bfc0b515dc6516a261fa5a36b0777a2c90de880dfdeabfa42068b0273e0568f54c29520cdc3f7f33f7ca3de9fdf525f7ce31c82f651a8c7b6921

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a68e7f8816708de84f20e5464285927

    SHA1

    2d479cbfa673f506ecf006502a46068802c64092

    SHA256

    6860f0fc93a707d2223b07e47fe6070342a5a2e824d5afb33ef88ce36f750c68

    SHA512

    904f06436e36f17fd7fb3ae8c5c6a52c351a4fceec90797a8ef22c17f532d1e4de59dac459b960b3d3bd92bc954ddd9d2332eb71718f696b10888ac8f65ca3c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ef681abbe15a351ba58345c4273e3d9

    SHA1

    6c85eab302b748c2e3bd506044c98e998d6c3c58

    SHA256

    99eaa9e5126a7af877341cc2bbd8d81c53012caf706cc7f50f9f96b33f898c14

    SHA512

    d75afdb8ff1557702958edf8459be7b8de51a106de5e11f9cb3e42c1d6340995f3d931095c306289832520caf943109294fa68cf4ba36e56124a73b248589b7e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be36e49e0af95ec2bf695306f128e2fb

    SHA1

    e1736c48c28b0f1604bf3d562d71c5a9989c6f05

    SHA256

    5eb154efae9b8cfbb508e6e5b956f182ec79e24b7c21d88d7b97169db536b58d

    SHA512

    d3e9f820be3fff7c796f994ab2201526279d39c1b6b5a8252d2c2012e7f074ae782dbd1c78d393e5f371ce8b470b0ddafb1b0388754f6059a6b60e3daf358792

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f14cab208ded0ac6dd46214e03d4b48b

    SHA1

    4425fd847437acd814a30c1f6f950a49a7bd857c

    SHA256

    e14b61956bc87f302b89e477d2aef5912928f34d78c783048a8a05f5f2d6d5a8

    SHA512

    5bafba6afe56cceb0aa4ca885abd0898400d28e2720992df9dd36e457fee0af2252ae80b81aa7a5a43b1c88447fa5290693685a7f64cda2da0512396f9780d41

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBB18.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\FG.url
    Filesize

    192B

    MD5

    0fcf82b5a915470e8a79d3516f582a36

    SHA1

    75f81b41607905b231521243129aff3554a58db0

    SHA256

    076264d4f165cef82f0cb07f6795f1d5ffa74741a943fca42cdeac65823bcae4

    SHA512

    adf69ec56756fe672677b039cb44bb13fc3adfac569f5ea4eda4e7b35de5ebe0229c5825ca8337aa2c623a773bdf775ddd3689e9fae03a7af1f694576d954293

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarBBB7.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2964-0-0x0000000000400000-0x000000000056B000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/2964-24-0x0000000000400000-0x000000000056B000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/2964-25-0x0000000000400000-0x000000000056B000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/2964-26-0x0000000000400000-0x000000000056B000-memory.dmp

    Filesize

    1.4MB

    Download