Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

e11f716f65...18.exe

windows7-x64

7

e11f716f65...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDIR/spd.dll

windows7-x64

3

$PLUGINSDIR/spd.dll

windows10-2004-x64

3

$SMPROGRAM...es.url

windows7-x64

1

$SMPROGRAM...es.url

windows10-2004-x64

1

About the Game.htm

windows7-x64

3

About the Game.htm

windows10-2004-x64

3

License Agreement.htm

windows7-x64

3

License Agreement.htm

windows10-2004-x64

3

Uninstall ...ne.exe

windows7-x64

7

Uninstall ...ne.exe

windows10-2004-x64

7

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDIR/spd.dll

windows7-x64

3

$PLUGINSDIR/spd.dll

windows10-2004-x64

3

Visit Sony...es.url

windows7-x64

1

Visit Sony...es.url

windows10-2004-x64

1

Visit Whee...om.url

windows7-x64

1

Visit Whee...om.url

windows10-2004-x64

1

Wheel of Fortune.exe

windows7-x64

3

Wheel of Fortune.exe

windows10-2004-x64

3

aminstall.dll

windows7-x64

3

aminstall.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    14/09/2024, 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e11f716f657e5608382be26bbffe21ca_JaffaCakes118.exe

  • Size

    3.7MB

  • MD5

    e11f716f657e5608382be26bbffe21ca

  • SHA1

    acb0ce181684fb80926aabd2872e29f8c37789ae

  • SHA256

    2f60b08077a40c342fc950af1046a3b01e467059709e938a204bf148f3a5f7c2

  • SHA512

    99ab1c39ae24896b29aa65d07959c4660ba785c1b2c77981f7862660adf251543bddf4f2cc708fa316103bcd2df3334dd4a63844ba0d88ade237cc2ab60178f9

  • SSDEEP

    98304:VYsazUchZCQH+7maqN9hnC49PyRvOQeKq5gVvArwooTUkwsnR:VYO4B+K7N9hCh3qsBTUDsnR

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 4 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e11f716f657e5608382be26bbffe21ca_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\e11f716f657e5608382be26bbffe21ca_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:2108
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://macromedia.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2628
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2628 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2680

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d7a32cf3f3f8b36f90f70e6a875276f2

    SHA1

    2b2f55666ccdcdf3b650673d9a16d11653f64ff2

    SHA256

    bd1d64c2bfe53ebb500a03bc859f337f06756692007cbcd6ef6f3d6231d5882c

    SHA512

    70cb5aa07eecd30a7ec7c356a3d4a61b2f373f94fbde6ccadb4b473baa672764993fc3e43e324df6a21ecec35531359bbd7ef3d929d8b945181bfd6a3c1ff815

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    afbd88efa6a9cdd4bf712f6502be9fac

    SHA1

    e423cbf23d2fa4e9f421aee34931c9ad3cc904eb

    SHA256

    daeef4f52c0213e51c3968aef53ec4407442b77d056c2052fbc1c702df72005c

    SHA512

    f1ca4f6f1e81f87f8a6fd51124d09983cd887dc4fea5693e93c2bba68985c920a2d66e25bd937caa2277b8e4fc885de3e1b40cf34d1e7c0643fe3fcfeaa1b2c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    890e120eeb23677d18c80ed4ab95a31b

    SHA1

    c02b946cc7b773cc02d5752046a4f74dc576b89b

    SHA256

    36b17f6ec2f400a05a7c57c941ad23c5e090b0885aab8d3bc1b6f481159b2020

    SHA512

    83ac33c8f15bbca75149afd078fc9eb756ed5eac0c5f9f13b0d5a8f329404237641709a211b9fbb6c8ecc357739a396ef01a9869392f879c7591594df23cf16c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bd73a7d45761b18d5ba1182a3f66fef2

    SHA1

    1fe870fef19bd705c3f451dc3e03a916646818e6

    SHA256

    c92ccdc3fbf45944ef7e61b07fad090203f6e69673af585e50830d0d80d6c45d

    SHA512

    e716766b1dc453c0c9215d5258772fd300a6c3f47b4189219c5e616fa33c8aacecb8371c50c8ea3607b5648527352d35bf7deb9cf46816d6274038137c21918d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c47e9ef3d221b5382396e0eb2e5f4137

    SHA1

    31355a4814140810c5dd98a488945f03a728ad71

    SHA256

    5687be5105db1d949c897dce5428d684805eebf04d7697fba2ab413d4e428d22

    SHA512

    e7ad9ff2008ddca3a7c1bfc2b1ec582fd872bae47642656ca0381c2aca5716dc16a257cd81880533c8c01b8a29be2fd32c4b6e9fdee309fe96e553b09423fd9d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d95ffe8d8274407e8206cdc12d202e5

    SHA1

    8a193694d8762b15b0b14a1d788c10b0ee2445ad

    SHA256

    f4a156f3a5000695d60ab8b6a918d00b30370dff665d903c633f454e72672127

    SHA512

    db35bfe7b2fb6b7b035e63d5de614ae4be6faf118e52006fb3488016494e9648c4e0f0ecfcb5a8d3fdf9f2f2a1cbe6fdcf870d081f096b09679128e3be9d35f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d0cf5a37eef992d9df88526de54960b1

    SHA1

    90d855aa2e6192611a2229638a8c91335653595e

    SHA256

    a7c55af6b036247da2fe3e306b93e653cccce4a12a2dab35ce5431b0c2f02f15

    SHA512

    fdc8ac75ec8b0df57e9e41128f7b68b4c1b4744dbcd540dfb1805abdf69f5d39dd75ac1c0c7a4167358697d0166a4e3a2c267b9ade71cc7510831f41ab7484b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ee7d45c7ebde31580e18d5ca8fdd5924

    SHA1

    364e314ff3b4a274103ba2abec0f13584425591a

    SHA256

    7e92fa4f3699efb2ad10fd2884270231c19253f5f77da3066d190130b9348173

    SHA512

    f83468efd6dec7f2d09015ef5600a15bc5adf1a235ad41d83c9eea90a2bc9e6d9aa0fe712a72f2cef7b2febfaeabf202df73fdc3be0bab3d809615e45d02f661

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f7622f4b669abd49246f81d0abdb81e0

    SHA1

    01340d0d5a9cf163f8b314e3238d9dd21ea70a49

    SHA256

    72230cb38297fd4e86bcb9cf094c6fdfb6d41e2cd8e44a5d4dd65d656c3af988

    SHA512

    6e907667198ae42d6e2a9866e9f33d5d5a427ee7a74ea7833a7632776ebbd2ec8097cd8d0898e558e2dbe737a742318958780f11e9bdd84830e4bef70a0b68de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a7f9a0a47c843ce588483f3627244ce1

    SHA1

    e5aacae2e28983839b57982612a57bc2c45d510b

    SHA256

    c0b50180b91fdd0869fb6f9b88c030462ae2625e4d79d0019ed67d8d09dbc082

    SHA512

    e444fcc7c429dd4606fa99b3ba2fe19f9d31ac38477b61f5826c46257b4576f079c24d48026c18d1a7d2172deace1ba351ddd20cf26750d4c50759cc77868b36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e9ea3b9763a8e9f04e931731b362eea3

    SHA1

    17906fcc692911cef1cf76ff5691b27c56e540ca

    SHA256

    a7294f100efa954e8bbfd7252c95bab6f03b89884c8e6e7e70f8123be9fea36d

    SHA512

    8f1f97332e49aa3711c7ad3169818c3f97f3928a076c4e7ca911b9457a422d7a7ca61d70d70c729e7e4de97f96b649e744194acddca573320f10f88a9b28d1d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    65431160a31e547d8acbdeea90ad7efe

    SHA1

    6467c47cba771aa44b4fb6d92904640fcbd08d0e

    SHA256

    45c8f97306310ee7298c1e0136c3b1b8cccf8547df4c54bbe762310195331816

    SHA512

    fb339450843465ab5b0aa5ce645ebebe11b0f299166c713b765b7e11b9038395eac50b3400e333028b7bd7e94f75f89824c1f58726e88e72408537aa5a96bff4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e2268b37f354f4678d841ea179e71de0

    SHA1

    374b10e71b0ebb4c933d34bf3fe4af679d527f54

    SHA256

    e30f6d573e459cb5c9fc9b4d66220d1bc8de4370b5f505847a94226254573a48

    SHA512

    0c029397749412e4457a8c535637efd254a369c5c5fac5aaafbf0e821e81fdafd33cec742e227424b78c294e9ee975d16a34525f09bde1389ecf120891f69499

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    08c29658c3ed451b026f900a6d2dc7da

    SHA1

    7a82dd0ac369d1b9fe2f43759e48b2230c81de74

    SHA256

    3f2a59cd57d6818f8c9c124992700aa19aacc5d46bb5a97aedcad18d9f906aea

    SHA512

    8a7004c9f93fd18c51166da8207c120c83b9cf52da568404d7a425bd1d32b8f2c468648172597847167a86a6d23f18c79dc89470349b5232ad29d2d2d053aa38

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    33c2efb6095295eb0a0c8428e82ee8ba

    SHA1

    261774371a316767f7450f1d137583f6a6d3d6f1

    SHA256

    7289b31d3f859a546e991ec79f371cb892cbb5ebf899cd25ac086203d8b0e03f

    SHA512

    c565f7e571fe77ed118993115ce4c2e12e59f70225a8e742a011f6b61919eea41c6707c4e38a12e7059a8abaf552da83073218e9b86a3070b3635b2dfa856d90

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    33f61afe5d2d5e74a22832992b21cbc1

    SHA1

    efa0b3e8afbe9c82b7c5b9facb623062a9fe1b12

    SHA256

    96fc3406030098ac13c9c0eaa8bc75a412517d781068f8684743abd03b1ff24c

    SHA512

    6c675bd7912fded8a6719d1399ad7c23498f4797c92052778e7bf51af54d60a97fc28a46de45c5d913969a157301da5e40bf868f96a24c0c37216a766fa8060e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a6075ba0723e87bfe3b45dc5b0467c7

    SHA1

    7572baeb907bbf9b96c528ad2907579b97768541

    SHA256

    b6b8f16449d775f59df072ed599acf2cf82d4bfaf90a2bcff5a9c751a71e48a6

    SHA512

    3eb1ea2f9856451e960634009778c21bc4f514cfe972d1a6b91b22100dd9c0c1bd42c3a72c965cc855fa89185c0d06adfc1fb9475fd54fd1fd5ff683b3dad8d8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6088.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6158.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nse872B.tmp\UserInfo.dll
    Filesize

    4KB

    MD5

    419d642fe3436fda8bb22eea9c37a6ca

    SHA1

    c1644131b880c6e03f14de3c79efd27093a77908

    SHA256

    25c4f65b02eca4ad897d7a623b3ca1290bac836e98ab5ee5f6c527dfb6a41dd7

    SHA512

    29df088e3b5189efd6fbeebc2f23c5850303d40fe5331cd336bb852d986f9ab66f7bcd963ebf8c4e4eea7d49a6590027490d651a3e4781024c7983a2c456a337

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nse872B.tmp\spd.dll
    Filesize

    4KB

    MD5

    8bb77ed61759966728b7cb065e0081ee

    SHA1

    b2f1407daf21b301abea7a20cdb7fd181e3ff042

    SHA256

    ab5496eef3b68e865ef79bca1a88813876589d7d63bc76808d6df38a88eaeb80

    SHA512

    419541ad425373dab928f00e60bf83b19d53268e6d151d467a13dfabdb7a6a179b93c3f51c7fce394b062d619fdfcac587e3c7110ce1582c9d5e7ef85ec4cdf3

    Download Submit