Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

c78a7a5b3e...18.exe

windows7-x64

6

c78a7a5b3e...18.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    121s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    28/08/2024, 19:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c78a7a5b3e871f477081d2546e50dbb3_JaffaCakes118.exe

  • Size

    1.3MB

  • MD5

    c78a7a5b3e871f477081d2546e50dbb3

  • SHA1

    abfed487d266d79883201aa9408fe347f26b3d0a

  • SHA256

    5bebef806be238b1e1a7ad2c63fe8708c1d467978a7be20cb7cce35e9011667a

  • SHA512

    5a402b412570ff436040a8756ea1ee17e1b495c1afe47d06da1bc24f3dab0a626fff177006fb99ca0d5e98c9453194f09b11ea19c9429389e6bdfe3ecbb0e7f3

  • SSDEEP

    12288:Ch/pCHxW4pbAOeeeZeeeeEhMEr6CX4zistT:U/eDNAuaE6tii

Score
6/10
discoveryevasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 9 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c78a7a5b3e871f477081d2546e50dbb3_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\c78a7a5b3e871f477081d2546e50dbb3_JaffaCakes118.exe"
    1⤵
    • Checks whether UAC is enabled
    • System Location Discovery: System Language Discovery
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1336
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.gamecentersolution.com/downloadgame.aspx?CID=21157&AID=570
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2540
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2540 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:3024

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a3160c97ea145d005638e4bede39095b

    SHA1

    5820b3cf41e92193d63768d2d586f55b79a6e313

    SHA256

    6d36f1343f3f593e0fd8696e4f70080be5062d2e8236c3b89c047c3fea9aca52

    SHA512

    74b6bd38daf3c0b7ced21e0a8fd3bea9a9409d1cba911c48d30c7440e2952b50c2ab9cd0e5b6f3c0ffd234bff97654fc5afb197d35658311f659d9e41b23b4b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    389b17e7f40b65ca91ae7d341fcb9131

    SHA1

    8ab13cbd6b7842f4ea4abb951bd99fa52740751c

    SHA256

    8c00529e211c5a870f25266bdc74c229c39f15362f9c5ae7edec5332c74cd1b3

    SHA512

    4c992aa4feaa287f3b802ac46f36d5247fc8c7fb6dbe3d6a68c584fb185d39a2ca39e3222f1f0b50cce4b114ba4c28ea58e9d050b2577de991ad78a3ec03ec21

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a6a44cb28df6d2d8cd3a6bbaa5f56817

    SHA1

    c1f822bd3f6b0c3db4f2c4ce3840b76c91f16157

    SHA256

    12f5bdc628af5da44c4ab7cff8abb75aec1a036e81b7a4c626415b33c652d115

    SHA512

    c0773fbf67a179c56c395c36acd6352a8bc4391f20bee23414b9ed30479dbd74b4222ec4ca1c50045720500376d932fdf131404c3847352edffadd6e80862734

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dfd9de5b66cf6a1187986055fefdc8e5

    SHA1

    688d10e28292db7f3d33de71438d62f460d50138

    SHA256

    05526d82400aeb25880c9fdefc948ad80e8cad33253ccc60e78c58c0fcf0564c

    SHA512

    e7451db8f03acc8a0fdec2f3dfc59b0ac7a455daeb9c9e9368c85a7a34b107b40e824d75fd723c10f7e6e7363d9d00d5c90c00bde5724fec9f1de16ff4660249

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd3a4b8cdf5185090af9627096b7e0dc

    SHA1

    bc6f0dd7da5de55584ffbb538528b1a3aba15fd8

    SHA256

    e1d4d2a4937176f03991c906ae12e188149997f75b3e3e33020c0b2198d90d02

    SHA512

    be19e9b79a90ae325d65303a352320c102252a28948aadcf3de1817614e370bc23d8e7e573d5b65eb00076668adb38d9edd5fd5f6d0b294041c37986416041b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    138f245f8996be677460292b48c958c3

    SHA1

    df3015edd3bb6d486ff448d5c267f0e51dd28e5b

    SHA256

    0bfdee30999e549640193a36aaee6c4b17bf1c1c20509e6684d2873448d90147

    SHA512

    c869514222f47b824e8619f3c70abcd31b5e5d07e328674d0b8b23e64846a8b7ba31d4e2b2dcaa57908ba37e1cb9bae57ed7b94bff39fb89e3e02750f03a6d31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ebe10758c071682dbf9512f7de797cc8

    SHA1

    136b6d328d2a44349a5d8cac6d2b6bccd7f9383a

    SHA256

    29e6c0d079d23cdc9049f22f8c32e3e01465c1e0f8feeb1059f27d94c65aaa81

    SHA512

    128174e91301dec31753a0efae7d1d59af96869a2382b4ceaeb2663d3f01c26710767f65cf23e41920ddccaa8d2e13da468c59f92171e60fa43aa72c7713f6f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    87549a5bc8dcc4558fc1af4377c365f0

    SHA1

    a9f4a1d6bb1af6325707b42ea2ef42716b7e5b0d

    SHA256

    f100ef55cf3db7aa44a30d6095504bc72b8e0516a35b954ba00724ece4efcabd

    SHA512

    193f1df7bd9533bf6b2705c79385466feee85551bf6984a3f9e2cc00ac7ef8f08c32c637bc4ace759275fe4a96352e5ea5a109d9bc851b6d82cee68ec2ecfb6b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    adbc9923c65f0ed00b3b31e8c2981548

    SHA1

    b604c81f4562011b6af0d68dc9d472429e698b63

    SHA256

    11d56511661b01c2a4aa1ff85d7368e5be6832b288e8c9cb08da584cafda8f04

    SHA512

    3cd47b123d6f4bd4c5c55ca486ef9699611560585b5d03d7693f1e977eeafe971ffd43d109b00eb2cb0cbb1fb3d50c3dd2cea3353077b72e17e751cb2fd0e458

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    16ee9e63597d2394250bf3908c6c8738

    SHA1

    4bf06beddecc12e8fdd154f42f5eee2085923783

    SHA256

    ca5607a579260d16ed5451121e6cfc1762a460145d27ed217972435dd3faa820

    SHA512

    660f3378ee92567202f54f9829b68870de3bd561405782abb86c3b53fcc840494ca53ae10212c556cb74b04512771899c5e148bb10f6a294c1dcc1519e4d041b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    58ff257d64eaf3e757a1b6db809ab04d

    SHA1

    d2229625d96ff24cdbdceb04ed3e5e82fe48b4ef

    SHA256

    30f057232c9679ad003aafbea5a8feeb674e2dabd4df3ac4b3ad0fbe5a8c78aa

    SHA512

    95f8545ea06679bcbe8db845575bb203d3c30505ff7ff0aa0e9573de36a33d30e3fbc17824d491d2b372ac6e83751cb1091c28c528eaa290b7606e082f2c3925

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f557b0b67b3744084c6b584ebb38d223

    SHA1

    826bb2b43e535cdffba54562c1f513396a62ff56

    SHA256

    6bec582e896bf63338d40fbc1120f347a14afa0c4903afb9e2729bb67c4e14e3

    SHA512

    f587e47a3f4fa406b0a31b2dc13f77cf0a76c91c8e0818050442dd36820ebf69168bcd5990b4de5eea09132456d6d2f305913eff32562d6717db7df0be413a9f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fb409080820a83a40a04f09af6a3d849

    SHA1

    2b1bb9a903339bcfd9c4b7915b3cdf6f336f5be1

    SHA256

    76fba34c4f1b9d9c6dc427c3fe87e71a6ebc4c4c28e84a23deb834e8676272f8

    SHA512

    d4354f78d007ff5cd6fb5458381f33f65287d57067c621b82f1207d23cf11601c96b9f1b623738c0408a3bcca7ceb60352e24d656e4db5eee3a42850d6af4ea3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3684e9d29accbbf13417fd642c899634

    SHA1

    b641846026f0e9ddad3048f9dbe6190899186455

    SHA256

    7062fa5f3f4ad7e549278cd11136b26b8d358a77e019a9c62fcb65002314bc59

    SHA512

    281d4107470e12b332ec1d9b4f852085c06c8647c627c0d250d8e542c3a2956abe9a913b9c7cd108fa7b867b0c919bb7f43a6eda4ff7077c786a4acc99993220

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cde2390a8983ee295a1117b010a47eac

    SHA1

    d58444c302f9c882611354511bd7520287b1aa61

    SHA256

    66dd87cb97acba4560e4a49e460441fd0a1b0a2fbb73f40a5a9875a421f95236

    SHA512

    d12776e10240daee286b1fe49460f876aa0dadd76896cabd7fbf23c2cb288af5215e97d79e95e976f96fe856fc3634c7b50b6ba961bad293458fd7031f1aa394

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4c2f5495cf4d6631f336b0d23a759412

    SHA1

    29434ee162638e47bfc260bd24ddf7a25e657711

    SHA256

    d4c32c86712cf40e0a272dcd321faa17b4c77bf7b390f4abd5742f5fbbbd71ee

    SHA512

    5bf37fc39aa6e6d21b6eacff81c016e98cb5347ed87e08cf66966712485a9a0c50d93e9a4313157153b80626bbddda51a9de574e03c0d6e9853ee484b46526a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6b121666a91f70f3d8df4ddb9da5301b

    SHA1

    d3943b9098ee963510abf0e54a35b3b4cc2304a2

    SHA256

    0c88ccc5ce8fcd8219d9d0b1fb9edf88b897b2902d6c21cfa8accb89b147d310

    SHA512

    ad0344a4cc1a9b9bda0834d8438abe135f7141f4d4766028db0e85fc68acef67fa5612b7f573795b23bcd8568a51344997d14fca73ff8637da70c0416fecfb08

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9cd0e0e579801b1a3460c89f309e75d9

    SHA1

    c0a2a130ce130a1810a19bd44bbabec47235dcb4

    SHA256

    04b2f57829a724e26ed88a663fd6f6524cd65a9b4cc552d383724bfb22c3fdb9

    SHA512

    5506c3cd0cc80b0826cc91c7056a6e019d5e39ad507a7260cb84436185c26484b576633a7582a967ff459955c88f0c263cda541e6d264b1af5a3f8efc2f66497

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    10279a974513faa5afcf7fd5ff0cce52

    SHA1

    65942b13ab96d4dfc9140a6d77383fd9d93c443b

    SHA256

    edcf1fca8d1b4b432e02ee68626c2a46edba117ed034ecc1898669c808942a75

    SHA512

    601958688257585efe7026ed07af0a092f3f0f9d969c2f2e1f93932a6f8ed008943f6eedcb8ecd2188e395f72da7f69f22a883a1ccc9cdea13fab6f94f93d399

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d7233a8da709202de90bd10652c9ba85

    SHA1

    85dff4e6a7228b7f1764f6aff4531deb9e10a930

    SHA256

    35c80b01c1c6922a86a2bcea10a48a89daa9888577205b581a4df56c03b1102f

    SHA512

    68b6fd8ffdd66dc0a33ee7bba1226466a198efbf209a62d791949547bdbcd6dee5b6d6bd2800cb6b7cc365433b05104b1e405af18d2c39c71bf972cbc604c13f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab94F0.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\FG.url
    Filesize

    192B

    MD5

    0fcf82b5a915470e8a79d3516f582a36

    SHA1

    75f81b41607905b231521243129aff3554a58db0

    SHA256

    076264d4f165cef82f0cb07f6795f1d5ffa74741a943fca42cdeac65823bcae4

    SHA512

    adf69ec56756fe672677b039cb44bb13fc3adfac569f5ea4eda4e7b35de5ebe0229c5825ca8337aa2c623a773bdf775ddd3689e9fae03a7af1f694576d954293

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9563.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/1336-0-0x0000000000400000-0x000000000055F000-memory.dmp

    Filesize

    1.4MB

    Download