Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

dedaa732fc...18.exe

windows7-x64

3

dedaa732fc...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    13/09/2024, 20:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dedaa732fc40600dfb1d919112fecab3_JaffaCakes118.exe

  • Size

    25KB

  • MD5

    dedaa732fc40600dfb1d919112fecab3

  • SHA1

    f3ce391d33ee67c2d3feb340c44407f199ad21b1

  • SHA256

    c74246c039b90a977a2bb873a39d06a393a18a957870e61948f5d55acebc129f

  • SHA512

    52d6765245b926f7c08cd12b725ac4717bc4bb84ec12d0d48af61d3254a8b97e7f252d93303d011533020f49337a39e929dabcd5240b95668d9f8adeb2d9c693

  • SSDEEP

    192:L1UNSS2JJpRM9QWHjrzt7EHAS5K2+Hqr9ZCspE+TMwrRmK+vhOrbo:xUNShDM9QWvZ7So2ceM4m5

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\dedaa732fc40600dfb1d919112fecab3_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\dedaa732fc40600dfb1d919112fecab3_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2248
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://ads.eorezo.com/cgi-bin/advert/getads?did=433
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:888
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:888 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1604

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    74dac01e6f3bcb86b8c7a33bc9d0ca25

    SHA1

    cd1ff6c51b3a7730773107eef64bc4969dde6e71

    SHA256

    4cf59cde09e0f4cfe174a675f3ec9d42a59bffc0cb3b3d0bb4cef7bba8c19bf0

    SHA512

    207561d7559fd9f1cadbb87a2bf1956540cbdee331481bc8819d48adfc81560af821af6dcb479f11327e67c05aea1c16f153721ff139f3c4f255e5098ce35647

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a5a89946923f25ecb47aa5cd398cfdaf

    SHA1

    572028aca8306bc8f3afb8813f22e3d383cbd025

    SHA256

    98ebdc53b0cc916f16991fd40de415213c58075de14794a899726114001492e2

    SHA512

    9d1af8825abe63a00163b0f560fd4ea79444071527f505d28bf62f9b164d2718ab01a4fd81f49f6100249a675de1053df690d667b4d6e45fd8dbea87f256efd4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b5937c2a15a592342338665fbaef562

    SHA1

    8e6e04b6578778df627297de4c46ddaa50e7287c

    SHA256

    ae75d8386fdaca49e440479a5aadfa8da0eb99f9d22da57061ad2c02500c56fc

    SHA512

    be721e0b372e95d62e67406e19bfe544fa5c995cb795d6bcdf6d449d02c50f94244f1592b82352b2883980bf66ed97d59035ba97a8b13ebdff003a1f8e615dbc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    59b360e6044dd4595bec7db0a4573195

    SHA1

    92fa1ddb86dd3b550523d764f4fffb654e047394

    SHA256

    2ee02c2d6b3e9396a8cda61177acce1964193ef478c2d7744815c1794b480421

    SHA512

    ee3d13a1d709517d427f325b072533d8df85a5e6b99455165cb5a6b1d54bf19d4723a6dac7d1f3b3209ba5805a213f84f806f371f5a723ea9ef9a3da8314d40a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f62f8ee8a8ce6614c1ff48ab92b2fd46

    SHA1

    f843549ca9f9da6833dcdcfbcc849c204c0c9f92

    SHA256

    3c8513bd54e06a21eb3c571293d961be77be8449b185a483aa22460495e03efc

    SHA512

    0d56843b697182279c3b01e975730a5f785524b8fae359a69efba8607528f5c2aa008b37fc73d8b9292f9a861cca8e7847ccbf4b1a2e9df281d9078556259ca9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a0df2a4fd14cf1613117ce9a36ca3a0d

    SHA1

    2f800c7bd9c75e76541ccce27dadfbd829664a59

    SHA256

    1c1896f71035ea3d1cf7a8926d22a492c42fb304f8ac98a2bfa90711efd7e502

    SHA512

    65bcbec287a5d8a05dc002475b6048e5fb646f6d5f6c4f1a4ea53643fa5c57a51d05528680275a00dac022941d8aad86cbed9cbd23c929ba32927bb91e6f7f07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2f27f85d9c10128279283c65f545e7c5

    SHA1

    186530db856e0225506402c1c191fca3eb2a8675

    SHA256

    cd7a870a2a620fe47f47b360f250f656d57f523732af11bfc1c31c83e1175142

    SHA512

    cfda3a59f3adb79c876cc0e34197e11f9e95e5f1aced5b0fcdc7529582162b3fbc5d890068c7dbec46a7e0fb8c225a51bb7011938e4e62433b7e030251266aad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f0974def05f35fce2d4b93892a5bd23c

    SHA1

    243b51d3540b859d469a3b028476896804f2e841

    SHA256

    d1606d26b612605d964bbe69c62b9b809759554c5335e02bc7f5b6af4188ad27

    SHA512

    9b54af349bbd53782e2471f43e66c92ddb0ddeb82913dcfcb4307316594d28a9acfbb051f2ee4ac2ff0a3dce4d8b9f90af5fbdd51de98241d6d008d5a388bb9d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7b094de5a355b697be1e52d964f4d484

    SHA1

    68ea9df5efd2281c8e191a7647ab04ddaf5029da

    SHA256

    b5344d1d520b338997d1568f337ae0818d3fdf66b326f2cb3255a89a8963af56

    SHA512

    c2a075dd2398866f428ad8099222c587f00433399e13d100e790c9ba4655375bd340a41e6658431384a09fe79f0cca03b2e59c098d65b2fd02dcadbdb8869b23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    babbb3bd02248011af9716d41927f60d

    SHA1

    e324a379239fa411ef1caa4e14eafafb90761916

    SHA256

    3d931e225d3927392da139a10787f397496603e713105b28c25a45a88771fab4

    SHA512

    ad566a65ad7b091f212c6cd6e5b8a555466a252ec4d78255c75d416823ddde1c66857b4e5c8fb094b4b8f3e381744b4bf078231503f20a7baeeb1f003e325952

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f65af05a7ebcd86a094428468d56606b

    SHA1

    2a640c455ca93fdc24607e73fa527a5be53e6546

    SHA256

    f86b49081e00a4c92017b01aa68bca7feca1662331cf6692f9ca909191b562e5

    SHA512

    f215f6735ac69776543a8273f7bd98139d5c41c0c4a53e58f59c9631d5d2eb6c156589c5f680af35fb0bd3f3e8057e062cc7747e55a02d35068b1ff193effdf4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    417bd6738a73999f2462ce5eb57b9500

    SHA1

    40127e13f0367fcf66ac7dd9803eca728214aa13

    SHA256

    683f68e7463d7758e0e857630209ce467bb26e766ff77b5627eca6e68d6cd12f

    SHA512

    f9d9d24de8f234b775a7bd96ba83dafab498d711fdeead272eb3acc8b3bf0a74f1238376140ea480c0dd43404a0c1abdbe5dad2f6587a9ac7533cf3d25b36986

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bfba0a1e71a42fd0e1757e74ea36268d

    SHA1

    0d9fdab82fda68d8fce7dda848fc9b27190fd51b

    SHA256

    ab9efe7cb3963ccb0238ca472672977e2109386a64fe9c26c6f5929226a77381

    SHA512

    9227cdc9ea1ca1bcd2648a5266b785ebaf8a4cd456c275a0fea4b5a59cc694d0d521c421ff5265c98159115aac6ab198619323cdc2a349ec23130fee1fe98378

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bf51bed440a87a6de100471ea63741e9

    SHA1

    254957826ea1968468f0b4e48f303697502e128a

    SHA256

    40573f4849cc16f2784c18358d236b2b135a60b04363c803429cac9321d8d8c8

    SHA512

    2d4f42e7ef6f2282addee04479dc319f1e0ca8621a4ff47c08e20943febcb7f9573123a2f5d42d08bbcac94dc7e2a7db5ccc6abc1022b1b98c65bc3b1e81e77f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    568a320789e8cd6b897fe6410b20e461

    SHA1

    3cddde62e701d37ecfc45ad5a509a50efd15097b

    SHA256

    73321fb35de60af7a3cab6f1c06031144972e776e698d161b32bc59b12b580c0

    SHA512

    bae1847f9b09377ac3f92ec06920804e85e1a961be7e02c4bd781a72a1e776047a567efb5aab7d5ed4d855fea3e444b5510ae5050579a3517cf4956d7ededad5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ce9030049d0b670a599695a134c1d68

    SHA1

    903fac5d168a4b7798c2b9aa4ecf29c41db6defc

    SHA256

    f3da76fb52799dac574b157c2c1750b11a34244c7a6d73fe100d25fb5bc25a73

    SHA512

    a47fd83b0b11aec11b158ab0356e9b4d216561547559a7ec77e0de1e30394c4277dc83b1d3a92be8287766fa8ceea39e29a844cc1890ebd6249c94437b5b7e44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    030a67b4616eb9f21ec6c10a4f1ed370

    SHA1

    27fe90fc300eb336f42f86311f7e8a96f3ce90fe

    SHA256

    7f840bb239d390d03c6e5eaa5fd26501ac07257fae0b06052864b343d17caef4

    SHA512

    024329030f36d417c5ebe71e50ca663269975821fd51271ece4b6ccc1a719b0622ddfad6e283628c2bf22c278b6281abc77c5817f29fcbeb5918f2af2971daeb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b3ae9370b97ee095d90477bd2d720e0

    SHA1

    90e0fbe20942d25f9a6c3f3cd1894ddbac0141bd

    SHA256

    8e149f2dc4653af6f47e26766098791644db951cc91d1df820162952694edd6c

    SHA512

    951b39b0b3f258f34d59e0b6cde05669e93a04d758b9953e323c173abd6c6ed74f6002a8abab3a92559c0cb2bf986115a5d8ec0a8986a8f95de1a88083a86be9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8a320c46bf0edc2c99e27bfe49ee1087

    SHA1

    518a944affe69ff54b3c61e9549f28fc7c024e3d

    SHA256

    1e171df890b15b2ec1f35427073b6cc305584b1aaa3646084da9e06aad695bf4

    SHA512

    ea87f46b547ed480d4d6c99914a39c5a6db58a38ad539551820cb34f1986562ef55a739c3cea2fc666a64bd276ed370945181baf98706712301f3e91d9f3c896

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDFF6.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE0C4.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit