Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

a89d39f060...18.dll

windows7-x64

3

a89d39f060...18.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    18/08/2024, 23:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a89d39f060e3e412cf76c4cdfba9a439_JaffaCakes118.dll

  • Size

    341KB

  • MD5

    a89d39f060e3e412cf76c4cdfba9a439

  • SHA1

    5a95620f012a0f06f285be743e9087ae107db3b9

  • SHA256

    063e4dd5e6766f16be243c2a4a71ceb0ed4d71eab6ffd35dfc8a89aa0103489b

  • SHA512

    91c1d01a00cdb5839b7cb0929a3d06ea297885870b68da0ff5ea41b7f7b6bfeca29c0d1759953c1916b1cfb1bafefb4b6f8365f7e885eacf6835047939ed11b3

  • SSDEEP

    6144:bANdYJzUYY/McEqJCKIqCQeeaQeegQeesQeeGLQeehQeek3mM0V4rZeDMos/:bAT6zUYCMcd2kmMbm4

Score
3/10
discovery

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 3 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 23 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\a89d39f060e3e412cf76c4cdfba9a439_JaffaCakes118.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2064
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\a89d39f060e3e412cf76c4cdfba9a439_JaffaCakes118.dll,#1
      2⤵
      • System Location Discovery: System Language Discovery
      • Suspicious use of WriteProcessMemory
      PID:1736
      • C:\Windows\SysWOW64\cmd.exe
        C:\Windows\system32\cmd.exe /c start http://vlanetcheater.com
        3⤵
        • System Location Discovery: System Language Discovery
        • Suspicious use of WriteProcessMemory
        PID:836
        • C:\Program Files\Internet Explorer\iexplore.exe
          "C:\Program Files\Internet Explorer\iexplore.exe" http://vlanetcheater.com/
          4⤵
          • Modifies Internet Explorer settings
          • Suspicious use of FindShellTrayWindow
          • Suspicious use of SetWindowsHookEx
          • Suspicious use of WriteProcessMemory
          PID:2716
          • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
            "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2716 CREDAT:275457 /prefetch:2
            5⤵
            • System Location Discovery: System Language Discovery
            • Modifies Internet Explorer settings
            • Suspicious use of SetWindowsHookEx
            PID:2632
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1736 -s 608
        3⤵
        • Program crash
        PID:2844

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b8c43f861fb4512ca6f442579cba62fc

    SHA1

    cf693ce63ca6394544310b5dbccee569ccdba1a9

    SHA256

    b2ce3121802fa354e1196b3afd6d61c8342cfa85f90e20db74cad2d65618ff4a

    SHA512

    f01e0fd361770955c0df8ffb3fa939bc2da417fa0097adeaf22b32ea299b5ce90e9585dcfa7fbc5cf1822c209f3e06d19d707e27efc8d285180eacc969557291

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9362e9235c95c4f510284d4918f0b906

    SHA1

    0a80c1c7858cc1a51fea0715a9d301a51e6e173e

    SHA256

    bbe081176f3e98880f51dac03e7af076aef331b4f33f8c8d41c218bbf521c4c0

    SHA512

    77b2b7c7c5a1bb0fd725dd680bf04409aabfdd2020782c81b3247f40e85c0241a70e7b0e53af6688c51bd12488773f9e899a8a75ffe1189581c45d012fdf5506

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d74471a983d126bb146af663cc5c5246

    SHA1

    07e6c3b0c951f5db2833c1ead4b013b5e6309512

    SHA256

    f53aa3b8b8205c27b207eee07883ecf64497b48f93b2d3990ddf293322fbf5fc

    SHA512

    2428f204824275bbef5413a146a51a7e309ef1c108d8b9fd9b599de2c8fd74487f99dd4480868bf1b6680bdec078937d6c3ee601bfb3bf4f828b8aad8e5a69c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2229e55e512e94c00f13313dc48e995a

    SHA1

    e15cfb0dadd05dd54dabc15a6299d24c3a494649

    SHA256

    4bcc3c26d8ca97b932be43c5fadb6bbafebaed7294700ea63dbf96a973835e74

    SHA512

    600028c9951d7e026ee3440d83a8b7d8658bd861c0f796a0fa37ef08cdf95c17f40aa3dc7b2ef61b1f552a0c6cb5a69f88abceea4db72f74813ffc77eb4b2013

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f81a3480550626ab84b360aee421afe8

    SHA1

    13b67905a536cc7483130e3152b325886d81aea9

    SHA256

    70b4309f934731214a3268208b660e3def389b81b3dc430a86f7cf63968831ab

    SHA512

    5c06432fb43f0bbde09f18b1740df90f8e41be7e6b0dd8a65a5d55901f3694e5244302aa4064bceee788377627a6a597c590dcbfb5aed03524dc6c6ae73c81b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d83c977541f72b4441f5a2994c867d76

    SHA1

    443e06f4a00ac47d2178373d3e8306eeb33b8147

    SHA256

    13cb49550203d8e7f1acc502624bc8af657d12992ea15fcf4217468b61821ff6

    SHA512

    e4aa7f1ba141e5dc303efba38e520d36bf59de60c929de6b89a0d06da2e7f53b77959dd8de06040406076fc20d2b8668524ea62dfa934eb03f7a92ef925349e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    785067bf9b809a18fd5507d7d22b0218

    SHA1

    a7976a2c7442394161880b47a8b0abb667570791

    SHA256

    7539d5a39247f2e51513eb3edfc7ccf89f3def7755d835e90c3d1accc753c342

    SHA512

    858f5b5e4e692b69ed66720782941a3dff34d0a88ecdbcf3d54ff201a5031cd2b8d0db139ee3bd197cf3f5abd291e27e1377a889981fbf446699930cab6440f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4a25143ab67e6c362722aca991354ef2

    SHA1

    dfbca8090a7921e7cd1fb106804ba5977f1909a9

    SHA256

    c9d19e75a7c850f7fb445557d8a6b46f7a1526cf9452087802b4962aa41599c4

    SHA512

    883528dd6272a9b8ec67ff8c3519947228d1164177e54f5537e40e7be29cdffb89d989652d94405585b863235bf9115236393c4613d88271c6ec171b7c421858

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    0051d9167a941c2608c9acfd6cf3a868

    SHA1

    476d813458376beba96180db8599cb6e3da0beec

    SHA256

    745fd1f97900f6f2246ed0658cbf43434c5956f1cf332d809985f3d573a14815

    SHA512

    cb06a9e3aa398ed4a9760b6cc83067edc3a9fbc0cea9c5111c720d69064b485cb866b67707b2f4748dab528ab097b9bba101d3cf47d58db2d862241c73681651

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    34a89339ad810373b712b9e369cd4b4d

    SHA1

    4f00c5ddb8b62f21e35f234f0f60d70896b92cb4

    SHA256

    9a017f93b56baf8699f686b2fae10b644bd6ecc6b78ae07d36b7ae803ca50881

    SHA512

    7ca838ef78519a2483ea6ff3cf5f0d14837d859c906ed30a29481f1c478b0d22b7474f25d4e0d107d2e28bd9cc4df7b14fa1676023c6c60e8bc48312194972be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    01e448d50250911da07c044cc2885cc7

    SHA1

    1cf488ff30a10957ef4cfad5c11cb7efe966f82c

    SHA256

    3103ece336bfb64d6a400d51ca225867f7031d86eefa71332f15f1b0ce7fc8da

    SHA512

    4a21b949376257e0cf64de3799bcd00bf3c24cb18f3b3926f78f8ce4e857bf23f62edee20d1a365ecd97204c6e1257cb98fa36f372445e582256d4f5b1143297

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1ab187eb33cf48e55c98300b895d7945

    SHA1

    c443696fff471c95cfa10a10667a1bbd07b3aea2

    SHA256

    9116540e6ef6435b0695faea4f78c74d22d45c261b420a7cd7947fb0b3ed1d79

    SHA512

    7a5e3a18d684235f8bb903789c4075d63f4d4be704258d37cfe188ef0b2f24615a3867cf98ab9bb51b841ff544c4a089801d724a1cb67964e8cc813f262b2255

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5c9a4d2ef03b129045906d1dd9f8e742

    SHA1

    55f9c802665876a4f38c8d7d95852234472cdbea

    SHA256

    eb469fdacc9556fbbfc0ebca42f95f75859414dab9e4e1163eca5cf09e93a372

    SHA512

    eb24b7312ec6dda2231e66d11e8d6d9413f899872ac63928f22f9576cbe8e5093d47030cf97171925371b1a5d1e455f84f1e76be3a969cfdf27cddbe9c2792cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    fe8cf5b5f7f438c7866524bcb10fbbf4

    SHA1

    3fa94f5f5e3dfeb1a72372315ad13e7bf41ba213

    SHA256

    adc3cbb2d4e038ef2a2bb0c76de1c02bb19e0c01769c5fa665165dd29f2c1cc2

    SHA512

    b953f5676e054c6c6413e422e642526a2341663fa7392ad90f7aef41b9b0bae6d82bfd9882abc473414c6d6d2825ef27e457bdc701b16f7731e61dcbf628c30e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    28e5cfb9b006c0721e924c97edd0d61e

    SHA1

    b720c39cd08a2d4c82e57d872e21f1c657d3fa2e

    SHA256

    0dde728c4079c898e0ad3a1d57eb631e1754c212c0a76f8e15496c6542f30f04

    SHA512

    065e6a16438e7c5d8cf8a575d97e0cff90a6674daa0f5f2660f51b4f58158b4d60971e2a360cd20947dfb847fdc0599bbcd218242a1dbe1fd2b4c933c63091f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4a113b4400ab2108c711c81a54d8c977

    SHA1

    7cd54cfcce079118249be686dc456077a5d1f212

    SHA256

    53d343be202094be8936ac49873980b96511d37e72880fcd3e36e733c71c562b

    SHA512

    2d37ebace48272f176f5daff7c2e5bc70aa3f6786a47a511cccafad7b058aabd1074bdf449f0c9451b3e190d71cc1854d421eb05b5d2c27004d6fca8fea7c26e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5d8ad876dee8d90b370c757e6cf870b0

    SHA1

    473c939fc86213fc4b890136918cd84d4ea6d457

    SHA256

    4cdd4900808704229e7d876666313279372d436d1b4114b132aaf603c1af456f

    SHA512

    b25ba0b3268f0c19179e8e8945b2f72f5cee42b417dc4a69bba5598028f972d28eb433c4d74f5f34954396c800aa175087f985953e6d37921d3a8a5abd1c1617

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBCCD.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarBD7B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit