Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

697b7fc8bd...18.exe

windows7-x64

3

697b7fc8bd...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    23/07/2024, 23:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    697b7fc8bd49004867c5d81902ad0898_JaffaCakes118.exe

  • Size

    892KB

  • MD5

    697b7fc8bd49004867c5d81902ad0898

  • SHA1

    ced28aaf58c55b299e80447855a315a51c87f8c8

  • SHA256

    1499a55c2f390b01a78e82ac27e6d6f91d9563d8d69d9659ea7da196bb9de6fb

  • SHA512

    6e32c7d4aadda84c4eea768c9e78ed8781c99c633dd2dd7791fedc2144307441b64de41a898ccfdceabff7ec442ebd72557e5f65d1fca0495f602829c8d422df

  • SSDEEP

    12288:p31XsYeziPHb4pbsve7glUzHWelbgdx8Xm2tmy:pifg74NsW7g+Hflbg+J

Score
3/10
discovery

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 3 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 62 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs
  • Suspicious use of WriteProcessMemory 16 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\697b7fc8bd49004867c5d81902ad0898_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\697b7fc8bd49004867c5d81902ad0898_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2500
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.vdisk.cn/moxiaoya
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2428
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2428 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2448
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.vdisk.cn/moxiaoya
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1808
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1808 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2888

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    56603cab690abfff91117e50824992b6

    SHA1

    b594c0c9bcc3f63b74007d6200807dcf25882687

    SHA256

    274c05c6c959affa43c713fe87ee0ab762277c3634588c136da5b0b332bfbfda

    SHA512

    5f652b7221f2494eecaf20b8c1eb25ca2fb6fed2f8b09a38f9d07cb969af6b25f1d193f4eeb2c48c50797d3f4a945b250666ca5fc345f3e661949bfea575e363

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3ac517be0c5a8ef7c29c6201caf25f4d

    SHA1

    6998dac76270b2c0324bca66af23e67dd2245c27

    SHA256

    c4a76350c9d6d179dae2deea79f1a5a137f58f9876d635d30932fecdcd3fbdc8

    SHA512

    bc9f6a6171aeb688bf15a94dd9c53234d786e5f5f4de1d5bb10aadb368136ebbe00c12f6c124af7bde965fad97145bae0dc091ed35b2c78cf300493312255851

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6bac3a28af3e76cc018eb331dd04d26c

    SHA1

    b34cb288a39a41265e32e87d37e8b0e6e4b7643c

    SHA256

    f74bd4660cf818e2692c54409c4f90d3d0d19a3bb53771deab63228ad777b295

    SHA512

    99ba7450064a9c27bf10da04e3afa31d3167694ce528a8c37ba81cd8cc70ce070cb431279f7d83d8139626168814060596ff4babcc1f30695bf5a33ce27d4f79

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8253c171a085cc25c5b808292e6060e9

    SHA1

    fc86befdc8bd428f8107317a65798066b3b87898

    SHA256

    7af07d58c71029ac2af0d339e6a8b509b80317eaa2d9a5510e3c26f6e7e8f9f6

    SHA512

    94b25cc35f7b2cabf67e4003635862f137ffb0dbf5912367e92d8d5d530b243c716da004ff2ec700941e4779f8c89c8d2c15325abb9275e58f9de110fd0ee825

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a451f8e1b4fd1b50c5876be4358f698e

    SHA1

    e5bd84008c674d2f537e77e7593e721d9951ad8c

    SHA256

    912a7e039ede62b7be85a2ef5a71f6a5c5ced5b84b6355dee73099819f1fa086

    SHA512

    14c285f56c4bba8b3033f9229a219809660ff3007aea376606968fea07d622a79cf511c43c3b1c852c4f015a6dfa35afd30daac919c875d79718b431773c339b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    87d388366f75745c12a651e1f2051cee

    SHA1

    8af23f470e9b109405636f6e74f53c44c1635978

    SHA256

    f984798b5eadeb56f8cdea4e370228625f0382637094b6bc119c4cb8d1174973

    SHA512

    e57a4c7d56397fc6e0368607f8b25c79fd9a2ac5af399d0b6fed72faa872837d3d5f61df8d02a2cd3904f3328523ac739294e086256c920b98225b87c5ce3e38

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f14c7127e51d2b6f87c47af399f91012

    SHA1

    ad151618c3c28107d8df1a5631befc8a882bb7e8

    SHA256

    568fe194a998f5eb8097c6e562c23ee550bc92f0a3d0d0f925c49abf6cc5d210

    SHA512

    fd9eed4a1b09e9702966a41d80ab156dc08e47056e9e23c0637874032c28959f4d9a6c80a4b3276c5e8735957ef5df731110c3c9a89fd6fae6f2e0a439ed0685

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2fbda1f06bb53205c3ba4bd9fab3c626

    SHA1

    cd853456016d6a07882e4050ae9af6e41c555652

    SHA256

    a5a2a4fc85813e8b47af521f94fb6a88510d16f0cd29fb5f8466ab05ca86a949

    SHA512

    62591c777a1cb20c31ad7c5180a84105299a9b2f48064536f053f20c48b63f3b948fa7c0372f8ed1e47e8aa973557d821b8a83c738733adf424614b4a369e7f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    820203e478aa2ae5668aa926c4a26855

    SHA1

    57d7d7ed5ffc2ea32e5f3775da0e25f145f80fec

    SHA256

    413b42b9cfc056ba092822ed5c2df8b866aecf7d683966f58360b13ce333b33c

    SHA512

    b51fc673035e8e1f68c3833602f060d1bac7de243674da44c3cc6b70e73403142678fe6e50c7a3cb78ace9b680ac6d381a256f6ebc9c15ad055b1058b2fc134f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    659fb5e0ac50eb6f2332eebedc32e776

    SHA1

    2482c12e69efa9ac0f2957b0a34a621c87f75ef4

    SHA256

    b37e1ee9363dd06677436b718efe5d03164010e17ac5622879070774cd3bfbe2

    SHA512

    20ac36b5bb5fb9c15cecf2d23c0a4de0d4a4a67405d5a15d1f8765992848d9e38e32f59047bea8c18ddc0c1fd5b74e897f68c161beb3bb6f846f98ea1b7cc4bf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0333301a2e2bb1a993739c771bfb8abe

    SHA1

    c8c4fdb9f0ad81e23749bf96be9072a8ebfd2272

    SHA256

    8196926183868a9ff53135430abf72f66646d7ab39b60e79f9db87ac1d929061

    SHA512

    cca4779636a05acee8484e5677915437ad92d80b29a676934350fb32bc876d1b4295f1ec7d3a70a289ec7f25ea0114711f26e91c8c9c933ff1e144adefd02273

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a386c724b372001f2c19edef711697e5

    SHA1

    1f1e1687a581ba6734d7b87a838559cd2a0670d9

    SHA256

    330e0beaf313129e659fa9ec57feb4ff1442cf68ee9b64aec9e9624fd2de08d0

    SHA512

    37ddf45cbe383a37e7174ea513b5346bab4c9a48aa6eacc975926394f5e9429d31f5ed28a4724b830e3b88726d271010b2d42c9d7a7373526f71d0339c9e3894

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9ec2fc4d799b53aca5fa3a69402f5573

    SHA1

    0a49acab01fb8aa0b324eb11e9160df32ff15794

    SHA256

    76e0ea32117fc6c788c5f15b63a8e3f3333bbe289f7e053e094f286b348b8527

    SHA512

    b43778f70bd97c0c3aee2d9d3a03974007a5c9f20702c2b888ed8331e0aaf4a11bdf105ac589432b1ca6dcb1ab2ed165a54b20ef8f2e7b1ac0bf987bca7b9a2f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a068131db5450ae572dbc25dc2c8f184

    SHA1

    0fd45191c6f8234200e53e2ab2eb39fd0efa9009

    SHA256

    67fc3e8ec8e72388545fa2a9a4e029056eceae5f7d06dfc86b9996be5793b79a

    SHA512

    c0394a71acf75103352bc06a5ea44b1c5122050088ecf10bc235424ca1ffd4ddc2bab2b52d4c692c53f9b1ac1e9ca5ed5bd6995a7144bfa8c88ab4811e0460c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1916f149ce17b6d09217690088372791

    SHA1

    3a0b9e3383a7e6ed87bbf2b7d6e0535d5f3b919b

    SHA256

    44b75426643a1bf0ce6898124f6cb0b7e08854775cb092e7381442e5029c843c

    SHA512

    0db519eb748c5829dcdd83208012fb7a5facb773c1c0725fd4cf24070d8a78db83a7218859fae329e1127c46c30ccfde8f052438d723c411bba89360e1cb1dce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bff1ec1fdf80da849ec4b35d2f0c1f19

    SHA1

    19f8512b43d3426ad6ac23b52457584480fdf41e

    SHA256

    e436e7ca936b8d855c1952109424321df1197b3a0f38d1720005bfc181cdb0c0

    SHA512

    7fa1e56f1043e631a2600eb24564a78d394f618e6d310bd7a7f2c35b160dd9bb6ff08fe3f4a52d8180232419888171f11182b589d2d94adbee4e36f66437744c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    80611ca7a25675c70897ee0f56a2c4b4

    SHA1

    099ffab1423cf19b32404d5fd141ab33f0a73daf

    SHA256

    add35ecaf5901c8487622cb313d0daf7b6d95ac078eb3bbe3c188d6aa4970115

    SHA512

    9abdbe4234bf4fe2ee0a20f297a904fbab1505ddd84700861d65e6933751ae2a4ad4987b0e523d6c7ba39c2183fc278b6031fea27034680902a5a06741a0d979

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a7ef2bbe1534fcc787ffcc749e0bc8b

    SHA1

    1c51beccdbd96eff7c71d392101722dfd555ce0a

    SHA256

    40a1eafc68ec4d6f9564052f030f8997caadb4576e2b4ffbf2426e47bee9af54

    SHA512

    405ed993d432a28e8b0dd17b524e4013807cc624a26649a40b2fa00006bd11b3e1955ffb3ce4ae35a2dac4ef9ea2319616f1a2a2a91835f4e6e666f40ed01fd9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8995e68973aa5b2b59693f2482d8a29d

    SHA1

    1af858df9a48223e99ce347192f488f679bdc935

    SHA256

    fccb7312ac925d256480a4549528fa37b3f33fa9522e856f8c851f0def020116

    SHA512

    12cc8672c8161d01c5d39314009ebb64e0f575c44c21b9e82b988fd672568dd68f15dc0647ef6d4a8d6ef54b40fb2227f2e836e41dd276695a35b84fccf66553

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{8F2AAF31-494F-11EF-AC6D-CE9644F3BBBD}.dat
    Filesize

    5KB

    MD5

    0b2fa9e16d61d963be51a512dbb60b3a

    SHA1

    313a1ec116b6bea3ae50571c061cdb097bfc60e2

    SHA256

    a29f15dcabb3e8b2e6007e9c2141775e7d1d9e746b6afecd7bc4946db1b69e00

    SHA512

    f99c8c02e378008f8f89a06af0ff2bf23ce0ceacd7402542de378186f4eafd19385714bf7dba3e3eb62c482965036ee934ba2a1ab015ebce1a47e8bf1e2113ad

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{8F325051-494F-11EF-AC6D-CE9644F3BBBD}.dat
    Filesize

    4KB

    MD5

    8268f8115699ea0775ac5ee238380e7f

    SHA1

    eef58886531058a65095be649c1532ba9de68190

    SHA256

    fccc89db230aa26d907c577def734cd39654678f79508bd5afdaf573c16e261c

    SHA512

    60ad124309ee299fb4108b954d8cce7a7408f2aa203fbd02e8b66cc7c6036aa5ee1f33ec179a02e2cecfff1343f65e45f696a7cbfdba0c544e9f9586dbed4666

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\c2sxdb0\imagestore.dat
    Filesize

    3KB

    MD5

    2fa1fa2e732036044b5e9d5110f48367

    SHA1

    db0b1c0a2701a383e495a76fa3381c86725435c2

    SHA256

    1fea7c0303b217c934223b415079b89b499fd3e9d32599ab51cbfec5984a9981

    SHA512

    cb7581d8418e89a6c2e4c412d3b94c3146aa75e0f234aec2cb8aa10f648b77377366341778bb3ece1a40a7a25c209bf0f407c69258275d5df4a829f7fb39e0e0

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\c2sxdb0\imagestore.dat
    Filesize

    6KB

    MD5

    d3d2f4d65ba6cf393682028b2cff3b70

    SHA1

    b3c442f80790b4eca62e177416a5efe1255da27c

    SHA256

    f37f2d66a848d19892235eb496bcbc346139bc087a3c177b9a6577283ec9ba33

    SHA512

    6b344f15350b8a820430f49fd2c1ef0d66a36f9c4187ced453651d100f3edf210b980733a8d18c62686e1a00d808a262443a399712d8250474adc65bd8506f21

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2UK8J8K8\favicon[1].ico
    Filesize

    3KB

    MD5

    75431504e45e9a6cbe94abe910df2d61

    SHA1

    f5017102eeecc57896d27f13f24093663fe518f4

    SHA256

    0e7b448d6bd1929afc573ae93df3901eb20507a295e059f29076dba25dca0e46

    SHA512

    238b3ef8b1161f419ad6143ac5a4d5b78797a6a902f81c06b7c552060ff41efb8e033ac550d6ab9add6b7bb32d4c64d160d5c4000daaed28b23c8d936a3c74a0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCCE1.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCD52.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit