Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

734aca2300...18.exe

windows7-x64

3

734aca2300...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    26/07/2024, 08:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    734aca23007ca3bb348389a7af5909fd_JaffaCakes118.exe

  • Size

    1.3MB

  • MD5

    734aca23007ca3bb348389a7af5909fd

  • SHA1

    830988c21eb167e59855bc6f9fd404b84df5d3c4

  • SHA256

    e37cabfd834d49ecb83ec261a01f32a0f828c78d2a7eebf9a22e9b3499965c29

  • SHA512

    7d19d0c735f6e05d6491504ad2e2887f3f2fc227ab6b6fc70e5874fe33fd940e51ca3f12734af8bd1216a1398489616de5bb2199bfe494b42c2f6ccea0316394

  • SSDEEP

    24576:MejDKKiDkY2+AhEcy1BirYZqXMrDjUm84QeP3Cqkkkkkkkg:MeUDeyLZqcn3CO

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\734aca23007ca3bb348389a7af5909fd_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\734aca23007ca3bb348389a7af5909fd_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:2164
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://contrev.net/redir330.html
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2020
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2020 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2088

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a05a9f6af60ba7730eb8b8939364ab51

    SHA1

    be92dab8efb6e0312691297186bbc80078ace1d0

    SHA256

    ef5ecd0673630b0cf6bd1584be161f6f8c5db3a0eb958de70daddb41d94c60d4

    SHA512

    eec89cebc629402fe8e3168973a168f48df91dbc29a765b1c31ef56e4bd31f6e34ea49670ed7040f997da6e106de007bc4080c3f16541ba0af645aa9473ebcd0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e5af021fab293b7ee46fd65865c67017

    SHA1

    378af65bf1aa9e7f0c11aac1674b7babe5322126

    SHA256

    b8c8ee4bdbbf3f6de848dbf18f45c0fdd46a1d17ba2f84c739136c5e3e3a386c

    SHA512

    7e4f6bf243a32edacf4dc1fc0380b4a8cd114f04aeb9f72b7e8e1974779c48e66283497a640075b22edcf966fee2e956126776512bf32d1d236aed03230f4766

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2d1f1e1092418e1e623f5f5fb3823f7d

    SHA1

    c3294f9d77bcb61c26ed735facdb10e67713f5a4

    SHA256

    5cb540354483ac093159dbd4bcb8f1c08b4b3482be40d6bf10f2cc3e2f5b5bd0

    SHA512

    924121de210f1609f91736a5c9066a93d6e7c15381e6fb2bf95579a9ea56557504d05887e84c460b0849f4295fa7bfea637268d6cfcf78a04865708f9d9e2a00

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8c4f23ba380f3cd552b602055b6673ae

    SHA1

    d4555c7e29995831b4bce16c58256106027ca034

    SHA256

    0c08003bbd4e3eb48842ab1f9fe4cd3d29695414d0a98a8e8b727b20bf9dded8

    SHA512

    e45ab2a2abf818798c3090ea257e9769117cfd862a9cd5a90191593914f30fcfb0b4d2811cceb6c7e1dbde5dfdbe446d5e6dca9afeadac03248472ae4f60f6c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b2beb1e00330c3ea29440fad77ad10c4

    SHA1

    f478a223baaba074e118b05d8b6098e4101eecae

    SHA256

    567783488422317586bc75920725c31f2fc634c4c282cee2a3a8f5d25bffff75

    SHA512

    45b052091e5ed91ec365c6f694fbd4b1faaf39d3b4358e6d35c4c8169d5d2ccd60e5680c32a9a655d0427595515974762d175bbadc76e6664420bf9a9e2582dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6065e0b3daa125698818047ef8b7b6fc

    SHA1

    4cda1a7742c37541fe5f74743b897cd386bb3c21

    SHA256

    f59a0888610d6cd3510e37f46a268cb6e00b2192c9f7da53e2775427331ddf26

    SHA512

    53fed915fa9802235aecdd90adb527deb86f4c9b619ed58029155da6d8d74e22536800e3917b01d44571e845a386fb935ebde6c124ffd36c6b64632c7f5af20a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    55457bd76ef4369441260e68c358b861

    SHA1

    9c4ce4a5689b9291303f2df077a14948abec1e3a

    SHA256

    c29917fd9596fc1e4e8e9a2850469dc2969a233d02c2a14a647570fa942a7eda

    SHA512

    e6683a22e9b96922872289c90a86dd2ab8d3d1eb3307d6d18db8faf172b7f2bdd966958f5ffb2ebe737bddc1e133ca008d64f4e7a68359e08a7539fbbbc78d88

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2c3a431a677990a15b7638628a5df3af

    SHA1

    fac5debe3650948a419158599c6a8ef6d0c77fd2

    SHA256

    4b394bb470edeb4134cd2682e3ded23ac38242770e49e45e6f3dea5c6eb03b98

    SHA512

    32d2c2117422385e4faff8a4955c440af078ec34a6b7b15c1d1387811dfde12eb92b3cac28e52caa7fa0ace6f88936328ee984ca03b5192b8c16f7d1a51c4248

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b049ad45417d6d0da7245eb7fb696ce7

    SHA1

    8f97f7abb24796a684e48e1b5f0532e5bfcbbee7

    SHA256

    3f8c45bc1c771ffe3f6609602b0708a55fcb3f2ed7338af1e41cab61ea907559

    SHA512

    e4616145ed593172074cb2e353776316c7171dc4ac29708a38a092d615e0aa9eb66a2573dcc57355ab777e0af243161108b78bd149448f8bcf87bf189291deb4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ce763b5fb5d5eac2d84872c6a0ff3724

    SHA1

    aef8a5d22cb3f0ac6adaa0024d165a02a3f161c5

    SHA256

    de07bce9774754da1d5fc2b71fe7ac4df53c98c12459ce5e73fb233bb9617508

    SHA512

    3d73cec05e63ddb91785b0d462dc35b8ad3ecfc776971ff67deff3507f0d25bb1768d6b3556e75fb3e6594f0620ffdd53a73c63af7a50b3997748e8fdc830d94

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    076227b47b5bfe3172150f4f653b3b34

    SHA1

    4a6f87c62d5275034094a600d6501e83e505a900

    SHA256

    279e806083fb4ef0f2fbfcf7ab3d7367050d82738b166fd0a3544a03fe8305f6

    SHA512

    19cfab1c38b23912b32f51fc591057c7bfe5268e9e8f9584720cadfcad1dd3a991febfccbae7d830b07e287cee8c19b816b630ad14d45a2fdfeb6aab5a02a751

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cd38af71b8092c6858cf8d86ef6cb09c

    SHA1

    192225372beb7319ef843451a951f6568923b191

    SHA256

    3d9ce44428c12b1a53d72df639656b532ccfb272ca76332b4a828eadb38d8f44

    SHA512

    c70aded6ea3f7c9362eb8e975f0b416e49cd329ae708a3be858fcd47103ab44d2fd3719b55677167ce15488672572d59eb9dde14052b43bb52178c17c84af9df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    659889ba982fe449fa983df921b3d50d

    SHA1

    7146c7fba3cc2cbd78baf9d078c8ccab94bbbece

    SHA256

    54ffffd5266ea5b4fa321f094af9dc5f53c870df7141a198928d1e37bb803451

    SHA512

    2c41573d17e73cb6862a9e3f02d9dfd47646abdf5fb8c2007b23222a8196c9bd47d40f30449e10c7b1e6e69fc6e4db965f812a482fce35eaa40393d34eec0f94

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    05d35856b4e70563a20c0ed879fed7e6

    SHA1

    67e0e2ebdd6121adc0143df51ad66951ed4eb66b

    SHA256

    40ffee1aaaaa511fe8912f2ae147512008efa29927ecc59908644c8db2573a1f

    SHA512

    c2e6686d953593e832685c75a5f6a0bcc6daf61d30cbbf1c8201b836559688f7091bf8c9b255662c2f282dda274efea030e96f7ec5753f0d7d0b333355fbdf93

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eb5185543819d522304ff03c06d7d3c8

    SHA1

    1c5e765a7951e421d3fcf49010899f407b990ec7

    SHA256

    de2b82fe863620e0a84d075b280ea5c9bc6d8a6e5c760759c2589bce86244d2c

    SHA512

    042410eb860f37c053f77d70f6f9117c31c19888bdc6efd0e94669d1af49cd3f9f4f43dc92f41ace1eb4865388e9fe7e11b157dff0cb956b4c0c226e517a4cb0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    12d21f386bdb1095949f9eec93ffeb54

    SHA1

    0e308c7c43b94614545cbb537fd80e7cefbcd833

    SHA256

    b70082702831cd249e4f5c75dc28b6064b1efb49e1df3a71ab293661268da699

    SHA512

    fd855b962d5449e369e78c059b29cf5e30e061182af43c78671972a910c5cbc8a84428dfad2421c1c3ec927b282c16a52dd70d5180345d04077adb55e6d34c14

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2e8d37c8a5fc6f84fa06bac384fbb095

    SHA1

    6e6ea1bb9827d661e1644dc2d09860df5f741398

    SHA256

    d966bc786097b2e28934c1b533a2513f2c3654bcec1c0d9ca5d1d34362a88fbd

    SHA512

    01f0d922a83065f4ad3b9d5e71858c0ca9471195bb9f5728bb4b1ab39f330234790cbe585a0c90288f96832b7c20a974fb4e87f65f1c8938350f3ddd3fb17a04

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    156e130ff0f8b8fa53f9dbbba6425b14

    SHA1

    3242c3727496a8128a9f0407447d6b8d405942e3

    SHA256

    a4f0de8c19a0bd2d20bc684e1b1a16ef7287e1add45a1f1fd5dd7a8a06a6234e

    SHA512

    43377b06fa8a76635784e2553150e91cd601577c01f27a64ac3b89e9cd35fd8e1d6bff675d2cfb7a5f58fd9f557e4a8eef2e62ab1f89a251ed9534f57e66077a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d6f0d69377b64c18110e02bdb4112a6

    SHA1

    36bada21068d771da0711e61b22abc86823d68b6

    SHA256

    46e765736561116fd3a7e342355b862e862ff1b678997d5b7c9e4a77cc7f2cd0

    SHA512

    51e69aa0087d48710f84f0dab9e1551a1bd3b56e3b1c9805d0adf1b2b6fbda32e4b462bb36f029130ce2590b9e8564ad1da41baf07542bd573ad4e6c29c82459

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC81.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCA3.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit