Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

61f6acdf7e...18.dll

windows7-x64

1

61f6acdf7e...18.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    22/07/2024, 00:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    61f6acdf7ecb5fef59351269fc9821bb_JaffaCakes118.dll

  • Size

    25KB

  • MD5

    61f6acdf7ecb5fef59351269fc9821bb

  • SHA1

    7294e9202d5a45000391e378c6e9644696a7628f

  • SHA256

    88b101894516d6c9f9eaed3483b9e7deaef98d5dcb6d93202dd9d97dfdd40486

  • SHA512

    4b9584ea1b79b8f5e786fc52046adcf0811632f888bbac95dc2b58b1256f77a656bb1c9a8b30fbece99000f804faa9e43b5cfe1a6d70d18f1f63515a09c9f295

  • SSDEEP

    384:2Ugl+EQRxDbmqRgUV5vKuBVb5Ktab6BY6xkz3mhlpfxirt:2JzExDbmqRgUrdBrKts6BLF6

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Modifies registry class 8 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\61f6acdf7ecb5fef59351269fc9821bb_JaffaCakes118.dll
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1848
    • C:\Windows\SysWOW64\regsvr32.exe
      /s C:\Users\Admin\AppData\Local\Temp\61f6acdf7ecb5fef59351269fc9821bb_JaffaCakes118.dll
      2⤵
      • Modifies Internet Explorer settings
      • Modifies registry class
      PID:2652
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2776
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2776 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2244

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    42e5ea13f398ca110643b8ed4cb4b114

    SHA1

    2c1cb010427ae586ef5a0c65db92f2028ac8785d

    SHA256

    06abf79d410637391c29f317c95393123484f63bebe6e8d8324db3a107e20932

    SHA512

    e691bef801b5b53ae991c6f4cb25e368a83aae1db6dad3c7561564a849614fc48845792ecde2d8e9ee72cd1896368bde988a3a9e915f0c8dbf3985760ceac09b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    233d3f96aaf93c85336c9e0c7ab00ec4

    SHA1

    a2013842444dbc537ad7ab54b7d220d84e9a3a0e

    SHA256

    ada039a43a14c9d5d1d1fe5d910e2c83066f7ce47e53790fa31149644c5297ae

    SHA512

    56fcce3cd5542597f46928c0b29196183f8b2601a8e00ebdd57dc5e460bb5e966c5fd1d26ea55ebf3ba487d21f2b39548e6ffcec9d6a412ad01ee264d87072b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    86f1293ce8ea5841ccf972b93acaf8a2

    SHA1

    2deb446e12a5b019ff95794abe1a584751bd30b3

    SHA256

    4ebd3c4f386721de460d7fb6095826247248db54f0015c2bf294ae1118f0d3fe

    SHA512

    90828c4b09158086640ddfcbc4b3fc32735b9badcbd988e44b3d351f208d415ed3db1d385e7b257f8b216e27d5ded6d02a0786cdf2d07cb23581af13a187345a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2172767771c69948134e2bbc62e140aa

    SHA1

    317901583fff2dc71c887a493a161ff0c581b28e

    SHA256

    5ccbc97607daddfac43742f3b48332c0df7641ffd6fa792bc3c4d5fe3c71cb3b

    SHA512

    869b76600419f20b1e73a491659845508c02a1cad98ba04e3ece4e7fe054c9b348d87de05e9ed502749f9011f49526ad7ee94a5b8eb121042cc719f40f4a9417

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    525076441a4c59e19c425df62f3fe911

    SHA1

    311bc2fb7c0229ed953c2986f4b88cd46a18b12d

    SHA256

    59098442c1ccadd22e69198616a303d4cd5d6ed0c08d07cbb7f7e27bf9e0071b

    SHA512

    2ca0d9bed9c89a405fa5d6e451d4c7be8d3044ffdc10f73c54b3f64213d9006f75b3b9f6f694c8f18c2d504d07d008bfa4b8f78a42171c12cde831c0da73f507

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3173c7614311e6e5fe0e76c527572282

    SHA1

    b229e76758b27031b1d4531266d20613ceb6e8e8

    SHA256

    5fbe784817c075f87750bb05542c6d87f6ad9bf6b96909dd932500b724a49e57

    SHA512

    ae7d8e47575733bf3dc4382266ef921c5c918cc6a2d025c2ad3e0495c5f853c72d184069c246361998337b863cd5138c9f0114fc69c31d9eb94055c0119e72d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6d5c12bf488d521b5c1244bafab44783

    SHA1

    7728ff47e10ac26930acb0c516c602d02b5af621

    SHA256

    f02538b561d951b4c52f603f147e65a0f52247eb55d85906e8f96254f072edc8

    SHA512

    0668f4afd5c06634b7d5cbcdc6eb75d651250e0946f4b99a6501081f9a03ccca6b4c41dd61fe752a9bc1ae55c5a05f10c630d8c2bc7257807043eeafe1b7150d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aa6d6ffd0b980b9655d6b1b892c36ea6

    SHA1

    14e63c0ea3a58f09ce807921931501441db3226b

    SHA256

    77b85cd17aef3e025c3a3939da78e88ace981636b0e990c8968a2a417bfba5af

    SHA512

    64286d1f754684f245db7bbff27489389fedf180fc946879cde2065f2640473f475e16c4d9b924e86b685a724b9fb77df0479420e610dffb2bfaba9f5d65b1e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5f17a27379a66b7b8458548c8eb39ef7

    SHA1

    a04d0cde07f4a3bef4fccd24c2e52703400f5c6d

    SHA256

    e450464c0b06aa3dfa20872f0ed689461f13c5aa96a0ca7573ed03c853fbf55c

    SHA512

    9a014968d59a78fa3f83c89c7878b10a43526f49de44a97121c611c96b5553218b99ade92026006137f3baedf1d2c47ffa6053d4043835e845402fc6c945e2be

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE772.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE7E5.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2652-0-0x0000000000180000-0x0000000000182000-memory.dmp

    Filesize

    8KB

    Download