Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

66b1439e80...18.exe

windows7-x64

7

66b1439e80...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    23/07/2024, 07:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    66b1439e80646712212644340c7a35f0_JaffaCakes118.exe

  • Size

    26KB

  • MD5

    66b1439e80646712212644340c7a35f0

  • SHA1

    3e386af0a3d852dc6adfa736b4e598afbd91480c

  • SHA256

    34d9415ac610340c593f9b623bc15c59b35008346a29e871113b2a9be25bb500

  • SHA512

    1fd5e245b6b6f84ddc8d3942d244cd0a6dc6e3142908b0bd50511613ba47e9b50d7bc5a64cd924c9a8cdd44131958c4370942c1f482b939be783109ba0645b85

  • SSDEEP

    768:kGjbz+Cn/SkvAC0Nv4BdB0VTmwU9uKPX3CnPUf:kqz+Cnwem9KPX3CnI

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in Windows directory 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\66b1439e80646712212644340c7a35f0_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\66b1439e80646712212644340c7a35f0_JaffaCakes118.exe"
    1⤵
    • Drops file in Windows directory
    • Suspicious use of WriteProcessMemory
    PID:2304
    • C:\Windows\SysWOW64\explorer.exe
      "C:\Windows\System32\explorer.exe" "http://flat.trafficadvance.net/AccessMySQL.IVRMobileEntra?D=10897&C=1&MP=41
      2⤵
        PID:2492
    • C:\Windows\explorer.exe
      C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
      1⤵
      • Suspicious use of WriteProcessMemory
      PID:2176
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe" http://flat.trafficadvance.net/AccessMySQL.IVRMobileEntra?D=10897&C=1&MP=41
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:2216
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2216 CREDAT:275457 /prefetch:2
          3⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:2788

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      d62fdd381bb8677a56b41be00bc720e1

      SHA1

      3c99d3aef7836788e2d32557ede83c1445b66733

      SHA256

      297caed04cf40320d629c317a8bd5b1c24bcc44ff41ec40e59c7f8f7db02a1f9

      SHA512

      a4a25e33010c2c1def66c361f99f89b9d718207d5a65370e87e9e41912c655021d96692e0be2ad7510fdbfab18305b610554b217b259b911e4c357877d382d9d

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      2e20d1dfef4754536c16598bc75d42f1

      SHA1

      a1d266629268892e7c9ba98cde902ffae2aa6af6

      SHA256

      43f01761906d8d06d138565b647a57af8ba9f9e3325f915131727aa2b6a296db

      SHA512

      e96afdcc4a3c3e4345eca28446872d81d87564d5441e6c9cf26dd886889dbac4c28c5c4a9c93952ff7dde1221d0a96f2c18e69dee0e65b1d3bb233963b98a94a

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      323b923dd7c0901d04a6fe4e4d8b0a70

      SHA1

      c5996e7c7217ae0fc882f454ae942f1f22c8c5f4

      SHA256

      a99d3eabf1abae311a9207ba6f8e74ea7831121051ddbb44eb1c87a7d2085080

      SHA512

      2455afc57537e5d3a55cdeb570796e2b99aa020b31b861dec9d7685b0af904349ce47f949caf1ca92372598d9385eb661272bdbb372e894627ff65b3a17ce566

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      ecc9bfd7a04703fd6d148332ed7b9e02

      SHA1

      16f5fbec315671d6df2aca930864e5fee704fddc

      SHA256

      b38dbceb870d8a2df64cca58b9efbb08e79d1c539b9456158c5f092ff06fa94b

      SHA512

      34fbe400b3c23a6c7348f32ac9eab9d8215cf7624eefe7e41e7cf6642230ac17acff53ff66c7935a07d083215a749187c196fb29d4b5c38cdf951eaa5be613ba

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      b47198207ad5febeefe497bdc8a777fb

      SHA1

      f65b06fc2d70d43773751f776c2793d3155954d8

      SHA256

      c1026bb7f979cfd23be5f8337c067b7f77eb2ca394bfe3fd21ade903d3174394

      SHA512

      e3cf9f15cf83da5252d2edb4486122d419e25de6af1278d23ef9a8b4396c0833b917cfcb07b7f5a3dbc103681a052b569796befc0010cd2978a544204bd74a8f

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      7da76202381356478e38afe8fc4ed9bf

      SHA1

      1f055890d97a1ef3a30c6ae990e3a728be1d7236

      SHA256

      285ade1157c2773415dd3de86f2a8f721ec70c0b5e0e810eb4f0bca33f9d85ed

      SHA512

      4d3dae89deb6e843da1a2e0dd0d220b819005c5e20de9be9949aeb12065dd11da328bd7c6c3ec370d5e6d52fcf55a7eee1a3ac0f3fce5cdcb2845a8b6e3728be

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      b353d2fb7d39d43bd7d1e7de0a699411

      SHA1

      bbc74f090ab42bd4f0ee92e5771c76154c96d61c

      SHA256

      09c9d6cc9cfb3ef293b88e81b53038f807d8ecb8d5a468889e9b27feaf7f9793

      SHA512

      f829d98e7d4af2e5749d864c9525c317995d0281e7cb4dd2e6c85ba3d03a6f9a483ffa9fc6d3b163ded5bacc1c72221c43c3ebf17685f91a11e224c9cfac1869

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      9bf146b1d36a35c0122bdcf97fdf2cd1

      SHA1

      026bcf407c8bfd008a3647d469dbb9d89b7f9e70

      SHA256

      588297307f8c412ea07bc2b3017aa2ca1c0d557abc36f88c2e6158d087f80283

      SHA512

      4cdc981649d22c46abd294b6cf36449deaea119b880c88800334994f9a88ca1ed8d052be0dbe71af047ee222186a1f7146d596fd791717324127de5f7b26f674

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      542c9ed220e66616ee84b733aff28c58

      SHA1

      d0cfae78ed9f65c5a2d22be9b43040b2bf8fe880

      SHA256

      edd93103f525db7fdce0c07e52d4f550467437bdca5eeab15c042c7f7603934f

      SHA512

      d19162e47f7485d5b43d828ca5ed40656c0a90d022aaac74ccdd1f474844a1703a2e58250483570bf200afff54ea4654c1f6b00665e86e8da3f74f6985b15ea0

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      9d345de3710f7192b43c2d60bf218cea

      SHA1

      f4e975be821b72f2640ac2b4cda621b93b21a05b

      SHA256

      261a8bd8d3753d030d20f26e7bf4e8660b88a9543ecfda656008582789dab8dc

      SHA512

      30c33d27a42d8eae134ce3d6f709e85a33e388fa39d845d91d6f7565935182913e6b669c447dbb36818aec187d1661196cf431c5de735f0b3dc795419e80140a

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      c88d8711f680a043bb2405d46fdeb1d1

      SHA1

      0570809e861d6aef3f03f1c82ca731090102c7be

      SHA256

      6e84b6bb9b912c262d1dbc02c20fc359de392c285a1b74063dbbdcd6b319a851

      SHA512

      aca414a6e4f2c739a9963f03912dd6e480a731129e4a6161583014a3ea37145c81c80e28dc6bf09876013a0e4fd8f744e1aaaa86f18201ef4fab72e77630cd84

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      8675b1194c27d4cefd09dba0f56eccf4

      SHA1

      eb34c5c91ce13618595e8fee517ad8fc882ced9b

      SHA256

      9378bd4965c1903077a5accc0316914b765ca42001f8b5857facb55d1f178335

      SHA512

      ce1dae40b42d1b37f1d06e370b70bc8f0f73f2893ee06ecf3dae8a269b64b6ce4435400fb2db0b155d8d898ee5790a1e49d6ca8603ca7dddda12854c74993aed

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      82454968d0eda93df6f1784825fbf4a3

      SHA1

      0ef540c9dafbdfea7da967a6c3ed4a0f28f13913

      SHA256

      e671399a238c85aa2d9eb5f5c1e3702e66a44d16f4cb36db06b0c64d255ee864

      SHA512

      5e5bcd9c9754aee5a5f26dec5e97607039138d4ecbb9d2a9c1b270b1aa1dc5efaf7c10976c5210c5d5f3465f5c1973952966d9cf0397c0537d66b79e01919c8e

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      c901e9ad9b818e08bfba0682c2e8c504

      SHA1

      02cc61abd1ab8df8778e8a8fef786d618b046ce7

      SHA256

      bc04026de63a74c036da78b30707919a74df702e477c426baaaea92ea3b553ee

      SHA512

      2950056f0b3da4e0bc985827ec9924486a20b17eebf994ea04ce4b709d252ba05a53db86689de3909c5401927cfbedc5a69296504e434d2b916a554e4adabea4

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      1305a529927135b40be015e39dd78921

      SHA1

      fd62882d6313ad2b9414f764121ff17ba5dc4fd1

      SHA256

      194b849c55b84b18230c0418654f2618429f56f59756003e67217f61cf82f078

      SHA512

      db7eaf20da97f4310e425d43b3101d08274b50635caaa7741d39c87e9481904150a2263bc9de89bcef7e086d36341dbac742f0d4c6eed506c77bedc89f617b11

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      7e8e235a50d33da10eeb293f40525f4f

      SHA1

      039f5f4a5bef3848fe6e2e3626e9f0c1f0059a2b

      SHA256

      ffa2bfb42173d4331a9dcc1f358f04c6dc5f71d7a697cfed684f60dcf50ef069

      SHA512

      935adfba3e531bcd7426fea2d4b68d4c397e59389f1ce4dcca7752d4e9a8820ed0eccb81864efae5b2087425f604fa8f59c81c23cc34e64b24048072d96c8b9b

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      e14c939c6d6227c6d60e9d2efa859bfc

      SHA1

      ebfa83930b6a3ca36a4f1d28818f073841f01124

      SHA256

      b078c8c897186ad2b8057e2248ee1a9cc8bdb3487ca4411852a53cb650cc31f7

      SHA512

      cf52eef5136656a8e17e677620bfc90b0bd977f4c7bde192c7f438297bda8b3d2b2e3012d486a8a060671807860c77d7354d863cbabc71505a67fdc37fc6c67b

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      be7748694876406e90f338155a7803b6

      SHA1

      2d2a96d78576ceef3f288cbd3d40a3d714140571

      SHA256

      7f2d9cc01efad19dd80b7fe285092a44bd301606b45957df91b9607eabc17ed8

      SHA512

      b5822c8c4f2a0ae59ba62d80655b84c5b5edfadd7d915cbf035a0c81e73abe7cdbec00cb18d73712e1bcb114ff2441c72020ae181a5ede9b56f9d216d21ff5b6

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      3e711b5bdda54c0f5825889092cce483

      SHA1

      438b7aeaa3ac4d726a3e4bb60bf42b72f7109b5c

      SHA256

      005932cb34b062fde5fdadd4cdbd94a60710f14a940db542b24b157881858516

      SHA512

      8d559d4c1454ac26040810eceb014e0ad2f6e5d124cb36c3d4a74e2f88b60132ad828f9152230cbbd9f828d7a3176cf92ae90c628c0fdf7789db6c866eec2418

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      c008a36ff37a5ca69022fdb539af687c

      SHA1

      799f87360d11f1bc6e9d632d99f8df6638039dce

      SHA256

      8d89473e72f82a91eae7e37fcf80054d84909757b4fcd8f1ed9c74139727326c

      SHA512

      e6fb118968b6d7a7b857d5690bce4cc454e9d1b90ea00168eff795519fbfba6dba9e51dbf5d20bf2a45d5bc891d59232e291e04573fc0fb85bcad0eac4d58e6b

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\CabE6AA.tmp
      Filesize

      70KB

      MD5

      49aebf8cbd62d92ac215b2923fb1b9f5

      SHA1

      1723be06719828dda65ad804298d0431f6aff976

      SHA256

      b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

      SHA512

      bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\TarE71A.tmp
      Filesize

      181KB

      MD5

      4ea6026cf93ec6338144661bf1202cd1

      SHA1

      a1dec9044f750ad887935a01430bf49322fbdcb7

      SHA256

      8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

      SHA512

      6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

      Download Submit

    • memory/2304-7-0x0000000000010000-0x0000000000024000-memory.dmp

      Filesize

      80KB

      Download

    • memory/2304-5-0x0000000001CC0000-0x0000000001CC7000-memory.dmp

      Filesize

      28KB

      Download

    • memory/2304-0-0x0000000000010000-0x0000000000024000-memory.dmp

      Filesize

      80KB

      Download