Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

669fb87469...18.dll

windows7-x64

6

669fb87469...18.dll

windows10-2004-x64

6

Analysis

  • max time kernel
    119s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    23/07/2024, 07:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    669fb87469bf6198bd88b6cf8dba703f_JaffaCakes118.dll

  • Size

    289KB

  • MD5

    669fb87469bf6198bd88b6cf8dba703f

  • SHA1

    787926ac1f2fd48be39a9ca2a53e1bedc6cff8d6

  • SHA256

    543889e0182a23fb15013679384402798714bad21e59a84e4f285bd6c98abd83

  • SHA512

    d18e52c00dd032c7cb2dc10403697af5a43d6e1d981d96c55d119153de2e07f1ca9840f16d925203148b3d273fa565bd264a8d44be21c5551ce6816295623981

  • SSDEEP

    6144:eELlfCmrHN6mgbGv0W66JqdCRKLZ2ZVJcP0pUu9NI7O:eELVCm7N6mqGvv6JdCRKLSVJcPeN+O

Score
6/10
adwarepersistencestealer

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Installs/modifies Browser Helper Object 2 TTPs 2 IoCs

    BHOs are DLL modules which act as plugins for Internet Explorer.

    stealeradware
  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Modifies registry class 5 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\669fb87469bf6198bd88b6cf8dba703f_JaffaCakes118.dll
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1912
    • C:\Windows\SysWOW64\regsvr32.exe
      /s C:\Users\Admin\AppData\Local\Temp\669fb87469bf6198bd88b6cf8dba703f_JaffaCakes118.dll
      2⤵
      • Adds Run key to start application
      • Installs/modifies Browser Helper Object
      • Modifies registry class
      PID:2244
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2280
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2280 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2820

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    06e9324125769c0ffc29893faf9ad028

    SHA1

    412cd782a85da459781399c2e2886c35687f8033

    SHA256

    39a0565c5dbff8442acaf6530cbce4e78e23c42f7f2ff275ffaffe2e8aa971af

    SHA512

    4fe54a330f6147deb91f2e973ea9378da69856cc594fc26443d70c04a1435134eb5486e44ff1eac180e9c8b81bd0805866667300b68ba3c8e49b1d07c6ac79de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da33f744db57ae61e7bdbd5f8320f497

    SHA1

    53d89e060529088196eb61227c68430750160c9c

    SHA256

    a9f6ea908ef1737b4c4de1383070a261025ff808498e9b86d78730d1eb97e9d7

    SHA512

    234560482bd679a0fb5a054af6e70ab0672b482170d1cfa768ac4a7160edb027dc03dad8d6b3e4041b4cf01b31470587d6e2b25d328c491c2e5d9e7c20296f98

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bba89df4597f65e651986cdbf3de7040

    SHA1

    15ab2138e9d2caaedf04ef8ab8a9b9ced60f7205

    SHA256

    538cb4f8fbc5712cc53f7bd355db26546a824f9555befef8a4dcde10d0b4f0c9

    SHA512

    d6d5e2f5025263ad12bd962de0a0aac28a74378d3ea6c6133b25d1fb7ba14f45e22770ca93fa962b781d550e5bd52d4c30918c75b487e5ae5ca92e71d2777fe1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    162b6761c414fdc81df960fa790e070a

    SHA1

    58b9109fea0483593e0c834f29a7912ed2ee7984

    SHA256

    449775e7a70ffcca5b58cca0f8051ba0031ef3e81a6b82bcea67b7363e9e0e46

    SHA512

    a82103397bac23fc29d928341aa73f82314a531fc929661eae887ab335e68b6a085b3c15fa410f6621f36854cec983777c971f9cde839959975b47d7184f84db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa1ff0fa7cff67ff6c8056e05420abee

    SHA1

    bebfb5f56137100f956efda266e35093a0467a59

    SHA256

    53f8e19e3c92436c027636778159584e9690449fd546a90cc7053fcfb75bb401

    SHA512

    3c426e6099c3d9a32d66f99ac5a84b1921c5639f4515d92c8dfb85a0130e45d019d5b8623a5c6886083941ad8319d74daf231ea8201c13136484423ece5074a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    28134ed87fe0a9872a88cca4f781c028

    SHA1

    65b3eb086541aa32aa6ee690b1f629bfce9a801a

    SHA256

    0a9004709be81e921ca58e4393f835f7b5bc6a89e10122d77cc5fa081e8eeaa8

    SHA512

    278ecda5ff1c3c0f4b81647fe1ae69c743722f4bb88f3971517fde0f9d068985f3dd94519cc504e2211d7ba9fff0011d97b124b339afd4b07b7c1d77784768ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fb056cd02b50a160b58111b20fd21e7b

    SHA1

    9f06fe65199ff9b386b9f5aee1e1881001f9a605

    SHA256

    4d56e7cd2534f867c78105fd9e35f509589af8af87e6a3ab085bc361badee1ff

    SHA512

    fd43317953066517fe995ded28fc8faac327ed230754baa6bbe27643ef9c2f9dcae404b8a5ea0aa71a4080a0752abe45453f9bd6b12f5f3e5201ff942da0e810

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b4dca100c9ab252f7e820db4d125c66b

    SHA1

    041e46b9f3c1d6a0ad9ae7e711be1bce1c45acba

    SHA256

    2bebc05f6f1930f900c00324d28cd304f9e70fd5e7ce2fe389baf0ed38e3f7d4

    SHA512

    baafac990c94a05508f4e2de26c698449326069b17d80493472ea7575c7906024cef6adfd981062013743e3cd8ca44fc057dc00f17d84728272e7c441e232539

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7464743d5aa233af949150f91bb5ccd9

    SHA1

    561c6f6c9e09512dda43c96b323ad8bba8d2debd

    SHA256

    fd179d5f8b03a908cf08df032eccb2b92635ef7266b4a611490fa7b45bceefe7

    SHA512

    4e5854bf2bdf3ebdb637f8bc40c00095ecada8aec097cc7c2999444c7ee59a132931f911e87cfaad43a840c76a6172eacfbc74b834511a2dc1d564a90a792842

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    17d3eb518591f08a935b318df7309bf8

    SHA1

    3f8cb9a6eb40f7b3a7c4b262085ac95a3464c042

    SHA256

    bd0b4666263877f65341cd8be3b28b7a7c91ff046fab915bfd10d261bbf94c1e

    SHA512

    bd44f1bec2064d50908e4a6f8de49250288a3de44133a820d6e418131c867a460a1f96f7c92ea961d1ac64375e6258402ee87933529960b7c97180c1e5cffba3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e8b2eb7a311ae9d6f6b59a8e906bd50c

    SHA1

    9e0ba0ea7e68c7c20420b8ca4d2759598a38c5be

    SHA256

    7f6a7cbf14335cb0e824a799100a00a655ab1c57901c23c950b7e5d3c3813346

    SHA512

    89ba34b1b2bb84249e3d9d560236a61d7e34b9e3684a0c7909092a08b94fa114831216411f8ce5b2767af7b4b82c352c0007e767f2df56f85705fa022acbcaf4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    245109eeebf52a65f98914970c46bf35

    SHA1

    a9d4792d631d1498dfe1f9afc4a67052c54faa33

    SHA256

    6a5d6b82e17943bc570792a0f5aa307f8f6262a86e592b24f766c3a3d06c6bc2

    SHA512

    73016875a37d51f5dc64d22d7ef07df70fb802687683236264d9d6b03e54f1dcae268d261fb5ac175c2153c046b4cec7f0d57386579edfaa976ccc008a334833

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    673d9ca8fae58c0acd6ee6497438f2a0

    SHA1

    0cd1e1e0682741ae689f1c109f2770fe7d557e7f

    SHA256

    2e5c4c79fd5a7f53db850707d6512b61b324187c16e8fe296f7795d3538ba72e

    SHA512

    b25f3daae97c5b1c0a1f695d675762441bfeb235c55716b5381f443e957bdbc9ebb09ae06d378b821a9fdbb72fe5290debc82f34db2f1917bef0a8ac27d22123

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    846610fa74b9cf25cf6d71030eef60c4

    SHA1

    59d20404d24d450f09828cbacfd4c02b468b550e

    SHA256

    cdebe090b588e22067e89220fc9f9165848fffb0ef5af790181e1ceb9d9d9977

    SHA512

    20a6fe8960f121d7c683a371b984dcb58da0fbdcb64a3238080b3677833605834854505656ea835ad5de0251fc4b6be8bad054bcd3a381ad2db0efac149046c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    67988155a91899d163a3ddf27253668c

    SHA1

    adb4b7001c70bf19ab960338326c309c8ff949a5

    SHA256

    e55454ede18abf8316d449e0660786b2eb8db6ec671bdedfd5d14b527cbb9642

    SHA512

    be4f31a80b9b4cdf5e7bf852075e744c149ff4411d6322e8b1e736f089b200c68f989734f22e24e50ca402cf7d1d59ae667f81d2e075cb7122cc5b3174a4a285

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8542cb7e0be286c513b53e79c60b2251

    SHA1

    2d7c56cbe685968dbafb2aa750a463b7c344af52

    SHA256

    b4f4c4b43478a85bbd0d1964819809cb14becc344d7296782076fc758dc69024

    SHA512

    f520f6a6dbacc79928d61a43284e1c781e4f8cae23e8ad86cbcd2d4e8c47ba2555ab97b7d4ae3d7e3e70aff63ebd8e6d5aeeb68c26aaacbc8c918c2c5369dc46

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b33806fbae7ad275100c7ab4a494e3d

    SHA1

    d0c595c46eb6b8dee8ab50b4293fe3bc0d544a52

    SHA256

    83c7e73644105a5cc1175cbad47a4ded3bc5fdde4a47a59927071424bff19cfa

    SHA512

    b6b23fe87adeedab3df5006a2cb6196f7e5ddceb4a213f8835d64534b908ae8db992d7374262f9d44615723b987069729832fac99bec9c113097258161023a78

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    db6a32d27fb7d13c86f2e55530384927

    SHA1

    3a25a377092c1fa8a6958444deca1e887d64d425

    SHA256

    8a72c7de1780f0e43c7a459683e924fc52710bc40d55a03700a97c4ca8910d6a

    SHA512

    46bb884ec705b2e9991fc43a7a23e0f910fac041c5826d0483146a14336589fa4b533b45db9d6c63c9b28ac3900885325731d367686689776e0a355d1f217b9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    100e68ffd633f30879297e11dcf00f0c

    SHA1

    413988b283e26f8ca8b0c96a5596afed605aaf37

    SHA256

    1e2940599f16f3f87e4acc3d561b0e3c7064ae4db3b2524d6515c8b272287a89

    SHA512

    162fb52c6648bdc375ec3b44a1d2e8172f64cc55225c692f23fabd54d8078c176971603a02eea67a5ae1f465da87e42fdb81fd0bf596d37fb75b14757b3e6c1b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabEC07.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarECA6.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2244-0-0x0000000000790000-0x0000000000792000-memory.dmp

    Filesize

    8KB

    Download