Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

699afa6cbf...18.exe

windows7-x64

3

699afa6cbf...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    24/07/2024, 00:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    699afa6cbfc80d06c7d540f8546e14f9_JaffaCakes118.exe

  • Size

    1.3MB

  • MD5

    699afa6cbfc80d06c7d540f8546e14f9

  • SHA1

    dee3b07c18fc40289b54c712d7440cac3f20460f

  • SHA256

    685640fb786620ccdab35a597df47e76b49f6b5841bb331279bf130608744df9

  • SHA512

    342e174c5e2c00ce0dd8c18da4909ea9d89dd3df9abdd56f085ebcafd74883a6c323fbc46b1b7e0e87e540b5441362c7aa5d1e0fd34a60bbd1b79081c09031e9

  • SSDEEP

    24576:MejDKKiDkY2+AhEcy1BirYZqXMrDjUm84QeP3CqkkkkkkkE:MeUDeyLZqcn3Cq

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\699afa6cbfc80d06c7d540f8546e14f9_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\699afa6cbfc80d06c7d540f8546e14f9_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:2788
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://contrev.net/redir443.html
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2728
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2728 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2240

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c6013a9e7656b0d3255de4fb6035b0bf

    SHA1

    5b673f9218a3c45f0a3b55c6e42e8672c0c19345

    SHA256

    a7782ad50148ff3ce3f7f5b3dd1ee2a3b7f8a39194d72abe0f7303f5386a600a

    SHA512

    d4e58a0257bd73bfe2ac85b31c0b4754d60304855d56e85248209caa2df394cada508e9982caa3b420eedda0d3d60fae37c1f7d2e494b3799c0ecbe32e2ee258

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6f122d1f453fec0db5c0a431e1097e40

    SHA1

    6551094468a5d724204c39921b863a6565b25bdb

    SHA256

    4b919dd7752228ba78826bfcfbb1ae6f7b4f0aca5111640525c770456fb939bb

    SHA512

    eb7cf5ba851f8021dfd6aa72f122963e02dccf501623d0c39241ce0275c37987c3aec7006d278e54febc3bdee1bc1adef2191504adc2147881bcf32bde7419d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c58d0ef429482b3fcad3c59f97995ad

    SHA1

    bf22c157c588916d637cb82759c9a783bbef7f06

    SHA256

    24b460444f2857ba79301cad4f8bd7a2c75f08db239768ebdc39159866dad10b

    SHA512

    2a3d28c0ff09402dfa0e9c2377f33f7e5bd9c38658569695bbb00008537b95033c05270713ed01a5234006384722a05ba32f60a34129968f99a8ecc72bc096fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    06610a4a6c422dbf2554e20870184ad7

    SHA1

    7ac3c7ade85c69fe8eb6553328be7aa694133981

    SHA256

    75d91a0d1bf6f5b0ece8a87f57a4ebe78384a1df0d5945acd939348194cd03b6

    SHA512

    af00c959be1ab5463dd67cefd902efe862c314be666a6166b4389bd831a12407ebe3d8270d8397f09c95318106d470bf79ec398313c9f2fba727789fa88f63e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    20ee57673e5d313942be3397dd7d24b0

    SHA1

    b3b8182d8c9838b642e12e889bfed7e81c6d4e7e

    SHA256

    406bef0e515e8bd184ddd1f713cb433ddad7a277098d5ee53c8a5f1e66631a6e

    SHA512

    42a0b9039ff6fe97a3f7a6fad7b55d99ff513df1e20e0a1b25fdb6f10fd3dcfd4b649fb84c98e1b78c08f3510c5d1d6cf03da5a6d85e29f55380a5a56a74cb0d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a5317b8d654c986e0438f7113b79952b

    SHA1

    95f41b0cd4d5cc37a690ee7cdc0d7e813ab37e03

    SHA256

    1570cf6bc36cf219e5b99d206a208a23161af7d9054e6a9d27d8de399e248b8f

    SHA512

    49767534cd1af3455ef8e863fdde5fa2afda23ae4fc4cab6b7cbff3da34e61fdf774441eaed8d9de407ea3061817f92beb4177dd44ccb7d1cf0110ec1bb80553

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4921fd813394edcee75a1c65bf9ea2ad

    SHA1

    57599ce530172150263758c05f104eb27654cd4c

    SHA256

    c0ad7bdff6fb9f58d9c053e181c4824f038103459bf6ff718e134ab228402eeb

    SHA512

    2c9432fa323a2ee5c83badd3c755306109fc98f05eb23554a57c82f1db404972d32b6172c50fd77c74c69deb1a8c9fd36f6631b48dad6d93aeba6b62325dc500

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5a09af667f27b7722cbcbd8d37cae262

    SHA1

    c8b02a0d834752645a73ef6cabb3bde7f25b5c96

    SHA256

    b7868ac9fcc0df55a6d9ccf0c7656c6d3ab5332c617933bff08e8cad6d0af801

    SHA512

    3c3e78a1255b0223ec1c108df041e60a1ade80a8cf8b2ab668ce2a6503afd40b898f75ebac2e0ab309890d32f8ab3e058cb6946e1e0a44c4fad9ee770b604996

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    717b15f2f79be5bc02f5a0028d4735bd

    SHA1

    c577129fe5aa322735ee97e4742458bd2ae02494

    SHA256

    d1d6fb4726460762735b62a9c749f1ab2755d8581f4dfdf339b84fd6978cd92a

    SHA512

    a853053464079ea884001a6b5a4973843a72dac561b8f5082182d3e2f42b2106ceed061831082f67b11cbb8cd8d4a8a08d1ef494c42185bd8cb7e7637819a7b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    323d197a3ad9ca87b01130b1beb14887

    SHA1

    678440246b5a28ee97f89bc1b2474a80e669b2bd

    SHA256

    3c83d77c030ea7879195105dec126e5131535244c266d5fdf6ac691d2caad5eb

    SHA512

    4ad0ec98b55211f893699b371554def641aee393cc01750831059541ae88782d5f5c09a194de98ff3d2e63f4bd912263250864bfbd0548473b2b5fcc87d5b971

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    67a37df1db003cb321c7f0c835ad0eb3

    SHA1

    006d2887668c7e2ab1d10cfa75d94aaa88df181f

    SHA256

    1710605123c2f460df3e63ad6c5d78b8fbaaf768909781c404f505806afd3a2c

    SHA512

    dfd40d02883e25e8c63cc7e47bc4647e11d31dd1b5944a23dc91d9ba1cfae759d8a40735213582128e9d3ef197a9e0e41911932bca9fe2b425d83215b77f0cd7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    90bb9e1c25ede53bc9bee0e6457a029e

    SHA1

    175f7eb16344d2c1a2fcd9087c333f7ab0607ae9

    SHA256

    57f0d85dbab85f089c18c2fe37dcde8952c74b57af99d7373f3f680b09051b75

    SHA512

    a0d90626fd6c94469704307c6c882ea95cc98dd2d87671d3d4dc02373a2ea690b6fc2fda74ff1c48ad96cbf325ab842ecb4acebb04ede45dfbccd78aaf6af6d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    edf08a02823c2a99ab0d9ce47c57bf4a

    SHA1

    fd9c7dec9a8feddafdcebd6ba5668e0e244d30cf

    SHA256

    76ab6297f1f9bf5d319b3bf0ad629dfd85555c1a2116cb41d7670d946ef5f4ec

    SHA512

    9ae2d6099804248e6f18c54f0ea6a5bb29462f999b9fccc8dd4b7ac791f7244e08dd6e532664521df4d331c6da67b64184257397586d5056829052b2bed22ad5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f2455e173218d4de43cbe9a3b187bea0

    SHA1

    284f3325f60dbf2532e899466c0bbf112a180641

    SHA256

    141dd0b59801bad3f4ba3ae8d14f7bb9f4848b0600fcc633efc5bc078e640613

    SHA512

    9fcc5dcd91e3746965dad8ec8f8504a36d448412cf1db79aa90dac823fc3f0c900fcc598115e910d33f7324c450461941377d23841bc7459ae9c5d324f4bd5c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f0ad907f8d2d67448d6ef27dc4228d59

    SHA1

    3461b2cf830e8d946af2779c6a86eda6323e5a2b

    SHA256

    3f40cad99b3b44af39a860f9c323f0dafeec6a7b6383f44ecd824edd753864a6

    SHA512

    222986fe4863b922842583d763152b81250eb3f6ad7f01fc101d0f8fb7db141e4ad1a7f0d866b55ff172c1803ba64b5cc6c6a63e243eb8279785432a2de94999

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    60a716fff17dabb5a26ac93919811ac1

    SHA1

    2a524ef8400ae8614eec160f9c28a8bf4c946bb1

    SHA256

    480cbbd701f90d575eb4d1fa86feda39b3e14156167929a8e963f67d5602e409

    SHA512

    aeceb29bca823cc7d968d950cd7ef9f0b5eb9fd7effa92efa5471b8385ec0ac503088c2c827cbf11e57afe857261b9f75e6b213c5bda18db9dea10a3407db1d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bb1706fde2ee1280d6af9ef2f3853cac

    SHA1

    fcd9fdabe9562788b2c189e4cd221fec86c42c25

    SHA256

    41949f1056894df2cb83cb2595aa3ee6ce33031ac41abd969436beee59659fae

    SHA512

    99d90007ee81879e9e2749d2d1b44a7ba83690757d6a0efa50b3294693e576837bb7c8ac8fe96cb2f5a061843b0fce50b4ad95f0c418b87c475578c3cbd79f76

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    38d0d9c591793d43d8e3f1a9b79e96bc

    SHA1

    72a4a6f64cc0b716f795e4dc3df2800d2013edd1

    SHA256

    4f943b8e9ae3859562adb95fc65b20e7e2da91f9ade09d11a9c34e169f4d8d9f

    SHA512

    c22c05753e616f71d1e27b9207d60421341f1e2d2a84ba9c0a46e26949f5fc8a810ee5dcda7c7e99f6a4ba0b5d42c4a5ef1c47b082c5f9119a373d0bed40c428

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0616a2c2947a73e30aa8acab80d2ce4e

    SHA1

    d7a6c6fa96b25122d83ed22a6f4ad5dee62594b9

    SHA256

    59550b6e8cc745d9513f400487a21c4fd6e1de624f4c89713d7d76c65ba1dc89

    SHA512

    44998850ac237211d809e9e56b15dcd0d9cc8a48f769667083182ca3d6cc0119608d838de54215516de6e38b765287febd4493e827e1f025235eb2f22418c1e4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6F29.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6F6B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit