Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

d9c8b73de2...18.exe

windows7-x64

3

d9c8b73de2...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    11/09/2024, 06:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d9c8b73de2c3fa87111bf17da3e22d2a_JaffaCakes118.exe

  • Size

    828KB

  • MD5

    d9c8b73de2c3fa87111bf17da3e22d2a

  • SHA1

    07455a314aaac97f34b650a06486ae8b879d40a6

  • SHA256

    d03d606e0025283eb964b7e757730d0f8be55ecc52ede428fa6fbc68bc0aacf9

  • SHA512

    5bd09bba2b1f61533f6ab8ecc02b5662b9eafc691aeac423f5981acadafe0a4e091d9136dfa2842e9a279ec8747ac3fa0475d36cd4058b6614f5ceb59bb2b506

  • SSDEEP

    24576:CavvuRB7eVi1U/FsbCIcSr9qQEy5/xJu:WKtsbHjZq1yVL

Score
3/10
discovery

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d9c8b73de2c3fa87111bf17da3e22d2a_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\d9c8b73de2c3fa87111bf17da3e22d2a_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:2160
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://sportstatica.net/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2748
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2748 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2672

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f0dce0ba76629cc299f2c4e43b3417c1

    SHA1

    f28b1824c2234a1a2b99e1d74dcd5eb7a174e324

    SHA256

    903baa81f3604ff9f3c582632c76352f114fc0c98435679beb2bad81919b1b46

    SHA512

    bd7ad22be8bd0c7aad1f1734d814fa40b2afb52452441c304c1a15efec9535fe1df39be39fbe04a8cd4f002a2c9056f402c7252f4c4cb81822a340fb409be84a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7520afb141ffd098694f58a06c933b9e

    SHA1

    e7f6f477a25ca2d4c238fda0571d6f34ec027ac5

    SHA256

    20fa801912f955c5d54990e759513e74f16bda26f3ef1425e6f2f3dfebb11ccb

    SHA512

    be11ff7a0426ed7cd3b6300cadfa19a4aafe2395234a627289179e570fe806e0eddd302a8135bb24e1550a22573d960b0e314a081a6895bfec7c6939c77ada76

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8b72d9845ad9b20212456f36eb4d7937

    SHA1

    13b98459899d45a54ef3fefd5005bf2576c976a9

    SHA256

    9dd8279f1c167373bfde0b33c844456fb456f78178bc37e4fa5de0312a277c49

    SHA512

    a869dd406e6065d84a37d4e2e761ee9ed3779cc976fd8bf24544cd6e9aa4c1d815e5040b3ef9794d8d15ecf1e2f66ae9f95417525215aaae505a2a1fc858821f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7801c95195a2bc8b5df034f71ee4b868

    SHA1

    5ddfe216c0372555c32c7cbb066c1758c32e297d

    SHA256

    829c25e6c8b330981740be976eca2329c18497f281ac930daf1686f0c8241dd9

    SHA512

    c08affa2873c74c505f64d65012e94656894600cb6a636a3c45d50b8f53a6899218b0830980ae8ac0390b4530b82528a5b205511b9f724c1e1f6a745cf41550c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3ff5744791f8d9f07f1d196c8e541006

    SHA1

    3df6cac8855c9d19b80446850ecbf88c2d7486ce

    SHA256

    801be9fa958c11cf71629a2a3a037bf34e1da1b43ed69b25580ec6e99a505d71

    SHA512

    6c34dbefe89e595243b96a59d3a60c26fd5876610f7ab83bbbe28d1c075015d925ce2434cc5b4f5aa18a4af8ef41a2acedb760630b6b281099c1e1e673bdc7a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d26e59036188a7f80fa1332172a86422

    SHA1

    a9b426206a97f2ea06b12c60a6b367c82abd48bb

    SHA256

    a130fdd33d7018f6d2ccb9c59588e50c4716464a1674a367cbfe6ab339fb8c7a

    SHA512

    b053e70b9b80960155109ffbe03eec6a7fc0a6267f22df584d502020c9d9b842631e919610a37f303f198b78fdb4ae9f30ea8c8f4fbecc463d7f56969cb0af48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad4a7a64287af5588148f8c016bc0b58

    SHA1

    df8e16773576814d076cf951ad6109f9e40b523d

    SHA256

    d64e6888dd85ce9ccfac8e08a3a8a9b91fff13cac5401b4db3a2e4d08ecf09d7

    SHA512

    45cd2b5a833f2a3d9f689e274e8ad8f8a7e98ef98433810d3f1855c551a2b58383f3766d986794c1d74540b2b604bde7a4559fecc921c1f15c433c21aa1c4ea1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fea2bbf4a41af2e42819874965231227

    SHA1

    9059813e236470bb2bd9a057e075933275d0349c

    SHA256

    f8d943eef1f14428067a12ecfee7cc7bb4fbe5d205659e4c302017bd82fa4bc7

    SHA512

    d798bafcc9ec374382dbb916eb2ad730d60971bfe82cbd3763829e46770dbced53167388ce5bd86324cc7e559c575f3bf3f851eedf9cb1073979ea4091fe6a6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1de49a1184dfa8a97489e1d3392cd772

    SHA1

    58d92cf36a67250b54a62cfb9e726953b958a3d9

    SHA256

    1547c0c442115371ee985d51a405d6444e40271b3c014815d599db732b077653

    SHA512

    3ed671a8d89ca15da979286261168e1fd540437951ffcc184e8077b3a97f806d93764b426177a3ff7d8715fda0894dc7669afd52942977df9a1b7ac07b5544f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6621748d42b9c7ccc6d96661932fc5cd

    SHA1

    eaf6a10ece9854428ed07a70f7d7720740aeded3

    SHA256

    03ecfa3c39901b8261211302163e5fb6c26a62c4c028999ed4802fedd8946223

    SHA512

    878ede8206129d70bf42b010b665bdada5393a7909bad58cf59b0023c343c59bd1adedef13a3194f22170ac9bbfe1ef2e8405e61980eff276d84857997316ed0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    add130a27e379dd15451645d12fc869d

    SHA1

    8af1cec18b3edde405f2a1cd956a080be68da39c

    SHA256

    e06c10d579e9f8ff3159d7f6f226d2eb5fc95212f4b53d9736981ad6b281ac2e

    SHA512

    a23260b2b71ee74c7ceacdcb801516d87c01d5b91c7b5f16b6a2eeae10770b80ed10f8bcd16e5a8445deaa22be4a0198aef24f2c8837aa3dfd5872182729b591

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7409693ba06d2acb103ddbc0de0ea1c0

    SHA1

    b1e09c7003b29a07500a709a378f3a38c64f678e

    SHA256

    b2d45d31059f74aab0104914f1f169ca1ae723c22eb788fd5af2436545979472

    SHA512

    cfe704ae282f4fdc2997e762146972792a89c8d7ecdf7e5471ac5345f3e421308bbc585e496c88aac3f824be83384f29cbcdfd1519e03aa9bde2cb6f6c20bda3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3de066ee322afb94189864623d432c14

    SHA1

    5d59359ae220229ba5915dbe6d2cf7782e8d07bb

    SHA256

    29cf84832d8ffa9d281a0d9e66b82014ff8d3a2f1950b8542539c3b3fde2e6ca

    SHA512

    1492701ce4ff12fd03f280b9672459da6708c695585ff80bc7a11a891abf436964e101bf609abcd798a7016fbc0e32951a5f16bc4415b780e2dcd6fe149055ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    07874aa9b1ff3d86bac1f6a6e65ef257

    SHA1

    026e88ec29ca9b1567e02e76ab7bd90fbd8eaeb4

    SHA256

    bcec32b5e586a82b9338b413b9809ca8b63a88e17acf7959f98c9e6ceaf20e56

    SHA512

    8567512c3c9e8590a1579dcd7da9f4ecec98a17ce1538db6b8443819e881cb68842399e86326417c3eddd2c7e650ccf093d589488d1f7770ffeb68d90871ecd2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f1fe66168cbac5648f89505b4e276025

    SHA1

    e7fb39368b3540d7e0713e8e0f748cf8b73c0bd5

    SHA256

    52271d2c9855c929142325bbc9594828937bfd90db198c7a0812d108327494de

    SHA512

    235edda815fd94836810118ea6d02c8e9b2cc1fa335dc9c54de55d725d74a7e18be54494e6611ca114b55072380bc299352f906b6fe0a39c8207b2e808d02a2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1dc46baefd8f9aab57cf68d72c1bc7ee

    SHA1

    87d4d4bb65eebc12c520832a52fbe4c37bac24b2

    SHA256

    67666a7b641cb3dca2d6789e5a8972c06ae33f9e3f161a7f31d0d14a992493ad

    SHA512

    d7f62397c38252cfc06d88b42bddaf1c7987c1de441c69ad4bddf2e2fe79b3806f44a30130c4e6ac40689313d611d6a1cd849f084e3c6f158a78b0639c875050

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ac7f8f7cc31fa39ccdbe51be1ca9e78e

    SHA1

    d1879ada072cf7886e7404df42949096c42f3dfa

    SHA256

    27e7700136ba54596fdfa02a3e5e1d96ac1e15134bce8e7e7d8c72b2fac12615

    SHA512

    233432566aef67bc49e24323df3d54e45782a17b650b8e8692c638a9108a49156ae891115d7320b341834002eb036b4b84acd1538abc9016ddb3c13751cfe7f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c98d7ef944136e61f430a2c85514e987

    SHA1

    32049f9c10a7724229e2b75d231d9b96522f58f4

    SHA256

    a6eadd8c1fd9d01dec922a5df628cc1c130911d660589fdffcd121a1551d4723

    SHA512

    9bd7a64e6b9744b08a9d371cb2546241efa0a73bd890caa255a8b1523935e9cacd6b5f7fcfa16478b7ffa5d1cd16f15ef5b324c8da45ff34f165c42bcf708c0f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2338740496effb6b4c840cb2cbb53db1

    SHA1

    d254c9663cfef7f35976ea10695dfca132095d84

    SHA256

    b8fe32c727f2bb95dcc3d958fdc9fb7e9ead19313c7e3f22e84ef3fdbac321e3

    SHA512

    9f9e8993ce72e638117d8a50273615db2f70f8b9c9ca7326169c7f9d74ce72b7412bf820ec03b70083c7012fc21489f29635d31aceb41711e4d4d823ce9b8a42

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD183.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD205.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2160-6-0x0000000000400000-0x0000000000634000-memory.dmp

    Filesize

    2.2MB

    Download

  • memory/2160-0-0x0000000000400000-0x0000000000634000-memory.dmp

    Filesize

    2.2MB

    Download

  • memory/2160-1-0x0000000000400000-0x0000000000634000-memory.dmp

    Filesize

    2.2MB

    Download

  • memory/2160-4-0x0000000000240000-0x0000000000241000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2160-5-0x0000000002260000-0x0000000002270000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2160-7-0x0000000000240000-0x0000000000241000-memory.dmp

    Filesize

    4KB

    Download