Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

832f038d44...18.exe

windows7-x64

3

832f038d44...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    02/08/2024, 05:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    832f038d442cd5b1362bc79acb8a6a18_JaffaCakes118.exe

  • Size

    1.3MB

  • MD5

    832f038d442cd5b1362bc79acb8a6a18

  • SHA1

    4cddfc240477c3a6891306fba39db54be72c0154

  • SHA256

    1502715aa09da19f9cda68f6434c51ed80dd049bb9375fa6e672e334157dd284

  • SHA512

    81b206458fd34c8b74e104e00cab93a1d11fed5f383fcf73ad5465063282306b008bc3d44462937b53984513fc07187a869cbda8a7e517e345459b41cbc1902a

  • SSDEEP

    24576:MejDKKiDkY2+AhEcy1BirYZqXMrDjUm84QeP3Cqkkkkkkk4:MeUDeyLZqcn3C6

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\832f038d442cd5b1362bc79acb8a6a18_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\832f038d442cd5b1362bc79acb8a6a18_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:2484
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://contrev.net/redir320.html
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2528
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2528 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1968

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ba8fa9ca7b4f060b234309d8385361b

    SHA1

    c4dd3041ffc1e6c7ef81b7af41ef9646eb62fdcf

    SHA256

    1dc8dd3d0e59e378d2f66d3ea69fbe4f2b59d7969d2625a77a689f010e4e70a5

    SHA512

    30d5f374f96fe3e9e725862cc3788ee3c4391a72c7bea106b287a4bb20a817bae1c2b11ea86e5bd856655bf3f6684edf7de682bcde9833c8e6f6f36b1c9b4f1f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    22092c978b1cca218bfc4ced474cbf23

    SHA1

    d321fdd72ddcbb3dbc350c34b75f11ff66ee8d54

    SHA256

    e5fa18f02dbd3cb04272f26d1e5c308fa0b5765eeeb90bfa1b28492695f7e627

    SHA512

    4a5ca95c28a0d967d39134a4449e5219086d41f1e4bcbca8962798509defb65b420e5af073a8e08dbd6cb9430a60dee0c001c29c1ebfc09892b6fce83d37a87a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5265172a8bea42dbe562f225b3a2e473

    SHA1

    8a1d63bb0dd5df08b6a1a006df57a561e432ab4c

    SHA256

    149d5e9e136466725e7cc10a1c59017dd266c044bab16380d4c3ced82caa65c5

    SHA512

    e4256900f6f8720976b24e160975048760d6845e25916a3e2a870b8fe807a15aafb461f3a09b169176a01a5f89b793d3d1e7ba70c1ee514361095b23054cdf28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    01ae988ebd1e23414893fdecd93a8100

    SHA1

    4db696f824cb1168af4de630be5fe107fb886922

    SHA256

    ff32efd129b60686f0bbb319aef79e1d883d68f786aa12193f613dc0fbce2612

    SHA512

    069c16de82c61bbf4cfe88d5b67f8f77dcdd7104d8c7f127ba7725cb4148e52d5f3de46d75402f252c5148bfff3b39c8f7bd8ad1661e5bd9a9bf87764f428572

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3901fceef01e9b486aa42c5c171f6812

    SHA1

    a07383155234e828665aca6a1f9f9c7b2317e9f8

    SHA256

    03157df026707c98e7e2ca9383f57d4146318dbeff0a6bbbc1762a89fc37abd9

    SHA512

    fd666109f1d3c884981790ca7520084266622a3c6c5fdbdf1f7e68f93642b60b77005d5e4dfe47c5373682b1e060ddb5cdcf95d29230d1bf60ba207f0acac914

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fe7135fd94fe2493336075cab4c2611c

    SHA1

    4d009a16ce1dd9460d1f5a497f981e07996b7e6e

    SHA256

    872a8099dfcb7e43993753a62c642cc2ad4b244bd32e90a426f5bd0cf82130e5

    SHA512

    0985422c65ee0a0c95e675456c4a79f4a55bf99bb4213c95a4a39dd30db373093d6f025391a3f6f0d13fb8d4792f97fc06569fd1dc93a645c18c2cd7ec775f5e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b89153d18a2d2470f3edd8e7ec98fcfe

    SHA1

    bcd6f620f0f5c6e76922545d45f9f69f8ad47f96

    SHA256

    2c7dcc8853b8603b96f300e1089a2cffaff4a807c64f19842faec27ccab405c6

    SHA512

    9f4c4c2dc05469dfba44c9a3590f3b5c057aa6bca31b9b9e9810e7ea396cf6970708f09e59eb0be0ab36608d8fc22cd1705b8fdc637a722956088037efed470f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bfe4db4326657c192e9482b0555dea50

    SHA1

    f8e230790c74b9919b1ff7b87229b23fdd7554fc

    SHA256

    18cf81b459d9c213d3fff784719fb4e2e209d61d7f4887c2f04fc2bbd24bac80

    SHA512

    3679c3663a70b9dbccf428f5e073696979247debb6259672c399515f01e13617e9c5efe8c56c1af4a70f7bd5175b38b39d052ef57506104c8c4bc8b49d842978

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    49f12a491074fe5593355d4e6cad7b70

    SHA1

    20bc04002964cdb9cdd086a8d1ad8509ffe9c2d9

    SHA256

    2f34eef7c9af23851c3864ec08821f5f0161a3fb82a6cf57ccc976e61efd1c9d

    SHA512

    f4c54b983117cc70253cfdd621b4d1f5f5336149d68251e4290d9ed87d33303a0e26e0b1ce9ac27d585d0c9bd4867c57bb6646f123a63986448c857041f696e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1241229f9825c8391c9315cb9693852e

    SHA1

    4fe2721d4415ad268840a662f9fec3ee1065e634

    SHA256

    7bc44e1353b699c0c4d2a0b8fef7fd374dd0ae0be218637233852f6c95c7bf35

    SHA512

    bee99b90256ac5cef6344ecdf8a312e38a4ca66aef77064d0b5e9ec9fb0369d8df23035a6b1e84057b675209c4905cfcb6b32b474b699e8d840dfe898784f6cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f92aa88456cb2b1f598fd5342288fd6f

    SHA1

    78c1c9a17c3b8d445087b898fd5fc8da2ddd297d

    SHA256

    6a2699587b1d2794d5335b04700512cf89877c7ce292f568c1caeb0fadf5c4bc

    SHA512

    fa5eadfa50c5f57cc32d1cf46a4648d6eef06dfb698df09c729d91aea1f06b252b6cd0fa4888912166e2c9e80dea33305dc555ccadef0129a3721c2f152855d0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    135fb42532b6bc44b29123b67352565c

    SHA1

    2d9e67902bfcd56a07dc5aa6ed33b5dd7cd901b5

    SHA256

    02c411def2d2e2c2bb00fe7a80f149ada1625dad573804e3a8df7c93afe281cb

    SHA512

    1ae77d6611ba7a5ac2fdc87dfaa0059e3691150e7d32145eb8c9033b43e6a41601f3386177cc6c5f796f562f650effb3bf6965704cce1cd080b066384f1959f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    580909c562904a8276809eed1f97f83f

    SHA1

    05595744b67c298cad247f2a5ab7f1b3664923ed

    SHA256

    ccaad9c08931414aa41a3492d58d8eaf96a5b7606747cc7701cd7c6bc38eb119

    SHA512

    3c1eae37efb533984583515ab79a3383eb6142043450e9bd4d9bd7b0b6fcd7825166791ad95445734c12d835172a8f12f05767a2012a77227812191ecb495381

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    77e43f63329c42fa87f1a73b93738948

    SHA1

    8fe946bb8392bce4a90ed4c9ad848de2814d49da

    SHA256

    aa483c7b6863e0b0813cb57969f1a16d2adc125335f6834d404df8561c4af235

    SHA512

    d582af39c757ffeb533038690a89e84d9b10a724cc4fefa93b17a050803c3a3de03bc4a3d4a9110d5a5504b2cc227185cceb3239bba52c40d99b11c67e962637

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fad5a16b9e00b857d39213e812930547

    SHA1

    f01af85675a3e5e19bca19b78bb08f6ab1719eb6

    SHA256

    45306961465facda498b8145fe4881114f02107631f8da30ee57d385561b5d16

    SHA512

    50d49ad43093379ed4355a54d3895070d51e28cf1fe9817142f9a02738c88158d21e1a1603fe6913bf21b199fa86fce1269413208e5ac2e0b3fbda91be420327

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6667000cd7391b42cb9c75ecde001c1b

    SHA1

    fc793f5ce6d8c0682d800298c293b02a07cdd37f

    SHA256

    9714763bae2b46e56015d0f8a96f2ebdaafef28162a58ba82c0b802624c78bb0

    SHA512

    a75d6ba5cd2fb1d85d49d5194c2b9d06bdc295ee92392343278d4c43a07fc6225b45b019b580e9a07bfd18e6f44db802b008b23bd20611f3184875d138e895c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f9f532d5931277ac6a4d88338a4c4fb

    SHA1

    11521b73d5f29f690ffa477fb7bc82270b242a4e

    SHA256

    1eb5cc83369997425a759979340a86c6efdc0a7368e5fd39a560882913e19c14

    SHA512

    ea2de96539f3166ba6d11b82a9f3dcaca7469835efd5323298118b107a75a6fe5e52ead8f581220c5b3858c21847141fef816c7e1d7447e85df9cfb41010c0e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c08e83688d19f5ecc42514ceed005c0f

    SHA1

    95354092908df1d037bc819cd631a72388dfb9cb

    SHA256

    f148aec076c1fe7e8276df0e803f2db0ba96a4fbab7c9b78773191929a567b88

    SHA512

    34f38f98f5115291849bc545164e68b4f47c0b57c93e7a212baf9b8c6c1936df6c725e54f37b2050fc3ce3062236a0c85a02135dc9c34794b4f9be52ee8cef06

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c53372418dea268225986231194545d8

    SHA1

    ba6b7717fc1aa7d4bd19bf9cbedf11b0d944704e

    SHA256

    b4f58c20edd31f505461f658026434b24a3df4c7dbe8bee2428affcecc26f6b5

    SHA512

    6b75bbf0818a7aef94e07a07e248bc9fd4bc23039c6868ac99b19775a37be0136dd7a94110577a5116d57b05f68af8853d9f37ceabb405fc8521c16d4be4da93

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8e1ca9135d5dc105ca113fb95929d197

    SHA1

    fedf3c72f687143eb741fd404fbe6978d13aa3af

    SHA256

    ea63523128da1227ef59958e41697b5eab4e1a0a55b7a9de7bb46249d8138634

    SHA512

    0c7f60efa17ede455afbe78597254e5a5ccc177e16544906a4507b3df478a684734b19c7dc2bb6797836d72dc3eaa02ebfcee4313daa9ea0f329553b0847737c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD5A9.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD5BB.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit