Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

4cec271529...18.exe

windows7-x64

6

4cec271529...18.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    142s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    16/07/2024, 05:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4cec271529c4a975af0c7c6180340a30_JaffaCakes118.exe

  • Size

    24KB

  • MD5

    4cec271529c4a975af0c7c6180340a30

  • SHA1

    d8a1400ebfa869ea4ace11d9c31641e08a920cb3

  • SHA256

    b5d94a1b4117e72d36a29766686bef5134752140b6dd70b18322fecb1354c00e

  • SHA512

    f57b9e5906396cb827d22cedf6d08bb409115131cc8948c14e2e55974d593ef71040410f73f5b791f222b5ae17e84c75b71b62648bb5c92bcf7d5516e81ebbe9

  • SSDEEP

    384:j48mUFfsQlfztmX0XbZnfzCDuFDUs+Sb:jv9/lfztmELZnfrBl

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4cec271529c4a975af0c7c6180340a30_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\4cec271529c4a975af0c7c6180340a30_JaffaCakes118.exe"
    1⤵
    • Adds Run key to start application
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1656
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://gusanito.com/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2068
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2068 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2300

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aebca755c968200eafbfcbecc2555eb1

    SHA1

    232dbb41598bbd241f982e809c0dae66ae02ae96

    SHA256

    e3b15bd980408b7b4c11e9eff44bcb6911a8ee8d5ad9332e828b1ac8554fcb3f

    SHA512

    52673b6ff92c6a0c29f2ed2352353149d77126d7086fec0412a705b1eec2c960d58ab13b24f4de11f35b9b982dfb59b91513ae22ec86432579a09b6382118b34

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d254d26d609d3c611c89f8554b1a83ca

    SHA1

    9f054d31d5a0c0a403dfe70b959949ed613d0c96

    SHA256

    c983a68d15416c53f33a047ac0a20828332fef87630844f1839ed3917200716b

    SHA512

    402f0e69ec38c30474a93b1d651bf2006b1cc7a17994749558fb0daf6b40459ac4162498413403858090dff46f7d4925c10a0bc9c9d7dde2f24025da98b70ffb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f78ca662da4cac586fddffcf027988c0

    SHA1

    d9bf794040540844b0cd7628da28e6c5b116385e

    SHA256

    4371d52c2ec78687220932287b80c094f9db6fa2364629266f83d41c6bda3e21

    SHA512

    b7c9384cd02a3044683684955b1eb7e3df9dbf100c85e4c6bc3ff63480fabfed484755c98bf91c85ea4a185742c99aa4a05f1395f417907a4cef083d6f873582

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f37215781e365b27ace3d046efca25ea

    SHA1

    96f88f5153763d968f8159cdcf759138e01d1b9a

    SHA256

    aa5dc3ee133f68497555012fdfab32dd68e9eda3363b997761f0a6863d7f36c9

    SHA512

    4acc0e666c644b1605f49a96f23df36fc47efb0167b9c07245bdf7cf2355d817b3b5daee0880acae8b90d4ea4a8bdfbaa3b35104c2b5c9a61a52b108edc8a0a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7897e04cacac9301fc8eb5611e21b952

    SHA1

    6c900a2d92c56c45beb92a94ac9ba12172582e6b

    SHA256

    a73c8da7b6e0ce5e40cd3a552d39dfedba19edc4e6ac114b8c8d1dfaac4a2996

    SHA512

    07e947da2d3b11d1e51324a5b8b5f91e60eec7863911888526720a0177423f038775fff03ae3d137bc2631c790ad803a708557d72b64f62fd6260a19b9feb366

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c5d2bb4981b7c8f1dbff58f36359f2d

    SHA1

    d31c9f22b5fb4b1c5f7f1cd72b940d5f437260c0

    SHA256

    55fd80589d95cf539e2f27603883973755ee71f685fcc6be25ce5aa0f3a0bedd

    SHA512

    beec838782ac60ed444b484aaa3820e9caf488009593a9f62be7053de540cb2ea697542c302a401cd7ec27a5705d500a37bc307d9aa8218aad42d6faebf957f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f88c0c89b61c99b5e4f50d1f75f77874

    SHA1

    1114f65809a2edc3d2be3bc47759d77a6b8e61b9

    SHA256

    2730df4025a417a10835ba9a9e59ab0a213d713d1132acaf837f179fc2f3fed7

    SHA512

    a056c0417ec27be22e7aa1e9ea3cc626f839a109a5a4fa1b4ffb7414598a525ee5596a65ce069c5ab1a0847110128c9a745589df2bbdae279910a35514f1ac6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    329a4a2de7dac0e83a51064b8f76d94f

    SHA1

    00bb28b66be60299728ceb16a150a09c9997ad5a

    SHA256

    0059764d1f6f06c79b1f66584ee27937ad0f6523359564ae0eaebde227636e9d

    SHA512

    f239b90da302186e2cf20517047022df01c519c8e150455169c2a1f5499bc4ddb178c8f2018dacb2374c5d83f0858acd8251cb47cffe4c91af60f9e8103c642b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b89016bce70d03bfbb5d144cfb6f85a

    SHA1

    985aa32c867e569c9cd9171c2bc30a71b65d2824

    SHA256

    4fbe2e192800bfa43b60102784fc6a04285657a6aa74416d0f570385a41a8ea4

    SHA512

    22ca4ca87e9ee174a99fb7c5f9d5e6d946867f9c5bf45fe2db8b6a84c3a6a73900c7721a9a38bcbdb5ff77d263cccfb5a6e4a11819f5a579099327cf8b1663e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    83c1e1e6d991a3d2d12bb46ff186c907

    SHA1

    9ac1bf7d89a2d1fe33c83e8b4258a6fb9b07da52

    SHA256

    897cf7d94459c5c32a59825090f77743d105c9a28273ca91de0f976c5bb0f4b1

    SHA512

    c20985bf506498445311dcc6807b513b8f9caac318977ec10ae7b81b66cde4473476c29d63c3f7cf8c2617e6c26ad7e72b30c97769ab4a0607c00e9f6db9fc67

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ad308542dab82ad2066be91b7360bf9

    SHA1

    0a1eba148a4ad3a1f1b5590113be85547b5192dd

    SHA256

    502ab2fa1b3b3d8ccfa1165a369deb1e6975dd8a221a95913834001631463817

    SHA512

    48de619b01dcdefd1090e89a7e1782c9c9829d622cbaaca29687e2d71e60e991943ea0b650800f0b538d495f04eb104d78d9b762eb9cebe0c2e9de46e72ef024

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    40534a5c6a3dbcbf2998255dadff0d24

    SHA1

    53f55f5e45ffb7942b11432d0e7f2dcfd6b9f5ad

    SHA256

    cfb8f736f71ed0e9385b4fab8d69be63728effdb358304541f90c41777d0c42e

    SHA512

    c4f8ef27a532229e87a359fe32a78c23bac096a517cf8cc0e90bfb823929adaf930b401ac277613fdd776e8c9597170eb044a6de417704e3c7ff499fcfb3f623

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    48fa2b77ee1ba9555fd9fa144bba6c49

    SHA1

    d29c8c091b42a140afb0c199f3d39005f4fea785

    SHA256

    e2e8f59c8b18f260eda9885e65e6566e518900ebf2ec2f3530dc4cd0940e41e9

    SHA512

    e18a1af7ce3cf46816442326760425e5aa1cce8c6112d9993c229449d6bfc93f0896dad881ce070c47af2fbf20ec5ee9c439a0c3720d5b29521cb8ddaa229d7d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    129ddb925abc9b850a0f6efeeb85a041

    SHA1

    7b0f21a5b760d9e313218c08d3b599201a2a2b9d

    SHA256

    57b94ef9823ecf40efde456b56217bf6c6347f926e5e2111eff8e650d42a7a8e

    SHA512

    6787bd9581b6eddcfa95030a08a58c962b4f220f2a836f02959c73d07367bcd78bfd2ffe8323a1b63e1fb58af3488e014d6bffcb32a5594282c9527a97b425c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a1a65b24cc3f0b34c8b4b1020c3bf96

    SHA1

    4dc530f0e0f9c207fbf10ec7952d15a8ddf46f09

    SHA256

    1a74ef2f3d3b3318f1116da1fb8b6fe5c645d212644252a8dab0038fde432d99

    SHA512

    d363d77816530467c9f0bc4c22a2771d84302dbb7f6a37ad6780d467788f816bb222573ad2151b719cbdd5903aaf3e13f1ce5e1e8129fbcfd6dc410ff5ef5eef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2e9237bfb313f41184d5eee8df0f0e1b

    SHA1

    7897ab4a3965caff6223b86f72baf2ae3e60115a

    SHA256

    b18b6e7439bed454020d271cc1d9bdef4d68e3f687fae940c7218ca19749ca68

    SHA512

    35379a33d54e70135f42ff525230230283c93f4b17124f06fc40d95f041999cdf9a2c45cebeeb4ae57f03050266fb853a934fa13170410f597cbc97dbfcf4999

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    027f2d99c7648401bfa49acad9a4794b

    SHA1

    3604ee72061d2c70bf59955d2a8ea23f8ed60733

    SHA256

    4931895fb6e6b4b1a9d7b5b4604153605cffce47b4eae9f046b1e5669fd05d97

    SHA512

    8b7e0b50b4f1940e0aced7678bd9537082eb0e161d158fc675a79b839badd9008f16f2dce1981ab03f77c439fe24ddcc0c7cd1968c7a7f4f9723912c55963d8f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4fc26ed67b4962322fe95d8cdae8df0f

    SHA1

    31adba4bf0c7e53b10ff9afd7b6857fa2a3c0281

    SHA256

    5681b47ee6272ef8004ccd7a33ea87c48d674f9eed4d757dcdd5be9d18b8ac52

    SHA512

    74cf22341b7cbd789ac367cc3002148e1982d6d8891e5e97da71f3721c105ea771ce4fd5fad40794b5ebab96668552472c525eea6d0fc2fd9558671168d899b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d13d0f7162fa7a646815d37621d244b8

    SHA1

    454109018dd45e36643e13b118cf73837eb05e94

    SHA256

    1c7dee3a63f200e4defc9bc3d9d998807680af602c352c69d0bd4a8484d2d834

    SHA512

    b7ea926696ee278dd9ed6cc39549d22ca5681df64daa8be6ac4a574f422a84c87262f3a19b8c7423cf9c4f36b4047fc431024f39d838b9297ff04747c0a600a5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab653B.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar65BB.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit