Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

efad9cd394...18.exe

windows7-x64

3

efad9cd394...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    140s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    21/09/2024, 11:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    efad9cd394a573426f8613a1bf26ac5d_JaffaCakes118.exe

  • Size

    3.6MB

  • MD5

    efad9cd394a573426f8613a1bf26ac5d

  • SHA1

    6ef5a80d1646d2f011d0f02edf6e8091db540b0a

  • SHA256

    fdea7526c156c1ab5bf1a160bec41bc25d07c2845a7d11adaff9f76e99585202

  • SHA512

    1fa209ea02911038c3c06274a4e77561ff546b7803e4f8a76aa97010038f33e36663c36e1ceb59302a3ef0d3ff9466a0fd7ced6861a500ae1bbef89ec84b1b8e

  • SSDEEP

    98304:pYA4m9hV+xSTkdhTBrHJWGs2NyqeoNE/7SRYYB:gUhV+xqUTVHJack+L

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\efad9cd394a573426f8613a1bf26ac5d_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\efad9cd394a573426f8613a1bf26ac5d_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:2212
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://java.com/download
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2784
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2784 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2676

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    87e60e8618ef2ac9d125a018f8cfa34a

    SHA1

    62358ba75a9c58946d7cfbcd9b6db32c35f64639

    SHA256

    8e3fc77bb73d64a8a624e3632f5e528c2b2a1cb28508da32dca51fe7c0e76b7f

    SHA512

    81ffea42993869a86f174bd18b209a6dfdbb8e78f1d004d7936dd7bd1cab09f460ed940228e5414f9fc9e319299dc525e9e13c74944ce46c7321f46b63fff890

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b7d30f7b1af44656e6e5728597d5be90

    SHA1

    1d456011499be8424ded5294b4711170ef09075d

    SHA256

    670c5f91ecd15c912ea42fc5d30a583ef35c6d96f38fac5b5f3a0e13a4679963

    SHA512

    d8f76b531d53e1bb1457678c159124f91cb02da1a4eb8d687fc0658948281666735f1b817f9cf244e04f864d7e127596d69f8c64e01285e33aead00ef65fbc8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bf605b6f7a3ca516a58b7251a2a95e52

    SHA1

    97cf43d7ac267b7cf36a245aba053750b0779b69

    SHA256

    766f5d78885a9a9d88f36c14636a02ac95689f65b563eadf17d15da31191071a

    SHA512

    988233713a0ab13ee3a5011bf781863ef2913305a8602a3b246ded57d8599a4d6673abbc3dc4de13230145f80b0b7fa2044223c911f6b3cfa12f413582cb5673

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b58ab8b4ce97b23c1165d6d23ff86228

    SHA1

    137e73f2cf3547ba94c407c16375151612685519

    SHA256

    534b91c8c7e8231e551e13aaaaf02a204fb7b41c50ad49eeb00b9df748fc84b7

    SHA512

    d25a646c8ec173430f7ef5b3a4c8ac0342a3c998c192d7452a03ff81efe6f565b3e2d9441f24aee201419f5ce107bb5974fe08b89ee625bc3ae90875c24a3443

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a622cb7ab3ae1b4cf525d55f8d13c0ca

    SHA1

    fe8c2eec10f4a280325f52197620ff2dec34fa75

    SHA256

    0a2472819776186256bea3a7c8cf672db374d5bec9fc58a0a103c496aef69e63

    SHA512

    6d67ee0f8c481c8c320faab15bbe9a43afa5c5ecba010786af2d389918e303788d616016cfa90a4951decf0f65867c7ad2986eaff7c4f69035aa739625623d15

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    04e5f28c7d91e4f891915e71e84fc610

    SHA1

    10680097db463bb4414603b00ea0f8eddca3818a

    SHA256

    4474c9e4142f60240b87a16649f994a238c2e385c9a3ac6e0a26900958401452

    SHA512

    06d6f2e05fa203af176eba602826915a97f20e8a26c74ff59e0bce7649316a427e11119653cb53c73f567bc1222e3d6fbb6cbf1e4a484add4c962e5c39bdf48d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8ae952d3db3d856fa5aa977b44ef0660

    SHA1

    751ab7d4e2f8807031e6f1097fdbbde91da3a820

    SHA256

    f7275d23bc6f29b8eb8b1e2ae58491eb53bd840a924c5978ab6d8519bcf9af08

    SHA512

    244f44249f8012599cd3564b2eb2d6810c09adec9c1a1106769cbb254bd71123dd65bf09bfdc2a392fbba2194e41b08bcccf74f154dca398ca9812eccac016d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    29b46dbf4bf632f928a66ac71576088c

    SHA1

    b518cbf7e6120214448fe4e0bb5af35be031bcf5

    SHA256

    39430d79ab3e99ba51ef74f59e040ec5edef47f702b26ff40ba64f32219e424b

    SHA512

    cfd9eff39a5779d5f2488953e9880ea36f921e40f523ae3b8f24f46d5963f6758b885d7743668643a178ce1610cab89521fd079f243e2d2effa659464afacc92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    51a3dcc67fe769a4042fc970bf10fb86

    SHA1

    7e5a1de6265b979d60a64f314c8147b0f0f4eeda

    SHA256

    ff235f5e85234c0e10dbb2fd0843838262520eae9b41357e3c6ca6d5841822d1

    SHA512

    8223d027949cf0152243bd3b8682ea205beeb4b1d7434eb94e0605ec7cc5681203924497d9f538bfe8c6f9542613794baebea654dfa38fd4a6508bb6f6ca9b58

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    26c5a384d37295106e17217fc56aa7bd

    SHA1

    9bfaf2779eab2cf22c83764fc237e026248dae2a

    SHA256

    b8ee6ab663797deeb8bdba8a523d80437df2f5a02d86565f2d5c1abaf1a1d2cf

    SHA512

    b9a8417063704bfc7ac8463c39afe194edc0a0772d7a45a8f7ffe4a49c6f0c9142faf74e4498f799b8f20f4d184fc61cae91fe6ab74be5bd34389382c393b729

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a7cea10c086516f56847062c353409d4

    SHA1

    6a20cf4580648ae383c06a8c49a1fa1ed91960e3

    SHA256

    6352ba3bf3a83a382f078a339e8734b36a12076420904306fee7c794bf083c5b

    SHA512

    3d08db54aff07e9ba2628d2c0e60fe317313278729d5c251bed167e12df764d02ea53c45db17639e215b16747a98104d1a3221f9f660f0343c861bee5aa17abe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a55d56446201925686e790e811bb4c1b

    SHA1

    2d766b2ac3c22aba3ae4fda7ed3a2ee339e16421

    SHA256

    c9145b6c7ca5fd0996b3e639dac1ad017ab35ae4b25ce8295fb857ec88c64e08

    SHA512

    4e9d069ae9bd2f88ab1bc8bb285024e6ea80a1ef0eb2f5b587509fcd32d4a57ed423968b8abdd0023b1dd6267b92516c362822fb71f2d665f9f3a0772532475a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a30febda7539b635fcc812622553b9a8

    SHA1

    7a7f82ddce244b53162105a81fc7debd957dab3d

    SHA256

    541f1438658b26b7395dda03c3f6981e4be6aa98ae1b3c0897f7d5d77b7d379a

    SHA512

    f512d919f5ac533bc3f9df00d1598391d2188c5bc043e80b5e0053f3aaf10fa422d62036935ec62fbda1ed4a1d5d6bf6cad2a8276553ea62d83a1c233b26dc0c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    acfb248c8e53068c8098ef3232149c4f

    SHA1

    e2969a9b403a4b865df5f4503794b4d47ead1ccc

    SHA256

    191135495d5695b805c24950f1dca418e9ab865350f1cc7cd78d73e32c41b466

    SHA512

    34a808736e35428f4f0bc6cf27f8772bc4ba1a989cd2c122309054ad8dc26fbbd3307925fdb6dcdf92ad0525c0b95988c572c31ba55a58e2d344d3054fcad6ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7b1986f557bea335021843bc3686970c

    SHA1

    173fdbfaa08019c969ba80300623c3a50160c4a9

    SHA256

    884f274b2cc266bac644ff2b77f67338c193a5d396c9925c6a3feef1ca55cba5

    SHA512

    87a6b26b5b90cf980303c0fce5c0c433494b8693fa578323bfcab5f6ab5ed8224d7a92ecdbe86d30d78f1cf715ce2f28e2d03af396a84010ce21806e35624bb5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    032218191bbeee1c5de3335aad4a0370

    SHA1

    9c604cf49aaeadd6162be98e22755b7ff630004b

    SHA256

    77a4676f18f734710b4af822d5564f5d8ea862148083feba6a50c0f9ff1682fb

    SHA512

    9903f9211c465daae0dda9751fb8b84a39e1e676f4b532a24479842604dca47237583c46b05bd16c719d44205a77bc853b5b296c932e634b3cf24ac134aa0ad5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7f8cbcc6fdea2aaa2fcba6e5f83becef

    SHA1

    a69c932ab2944d746d3073667e29034b4ee1e271

    SHA256

    ceb2faea354e7343413738db99d38ca3600d00ad4d42facbd87696093b934764

    SHA512

    46407eac77faa87aac34be7f34b1d8c972dcd917a4b3850a38e4a93fa9cd35e2edef39cdff4a31aa38ffc5e5a35398e3a8a5f2589a289c974cc952a0021893d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    20f55d01049201d1b6dd3b392a956b0d

    SHA1

    d7eb0b4bf983814c0c6bee1ccdf00caaa6d4a541

    SHA256

    5b5895310f9de481c7371e15eb56f60a34996c0efd259e967b88bea6621bb6b3

    SHA512

    8858cbcb90e307e0a00ca13f073d2e9afba3b05b92e57ce75fadae252f90f440a08d14b6f12f974fa067d2f26d5b5b8306d62d25b46420b3967254d762c05ba6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b12e29cc18f88e9f14e74e04195f7322

    SHA1

    06ab5e4b92679a3d3f13f36f74b77930e143d734

    SHA256

    69d345dde974ef297ed613e55c6e2a3f1db7ac0cef2b3c866c328152b82ac43a

    SHA512

    74df7677e4cd7140f320d50f90ffcf380dbcf439d90250f6d6385855174af259cea543a30b9e7dece1755ee9e9d826e8b47eff71f9737b07fa608688f0b6c3a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3e637274940407a83b728c8174de3133

    SHA1

    274242c8827d97d9ac5d8746490a7505ebc313f1

    SHA256

    de8fc1ad4bcb31055d105d7ece1dc14dd01f80a114511c52c9dbd9c1073ca423

    SHA512

    a5da0bb5f1d75f0ea5bb37f34e50c15dcdf11854c509038953af50b2b7c49f3b5ab1fbee82d488dedcc0c4229f02c4bbd4940c59ad7db84cd219f903660f8e93

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    716ad441515e9b3ee29238c7df61b3a2

    SHA1

    4846fd49c913efec74943d3e05c22a7d397ef663

    SHA256

    3c74a354c65054a5b9967e4ff8dcf3ccdaec3a87524d63bf7ab1b70c9b07cfc7

    SHA512

    af631d8d5a177210448d45ab60a86d8a2cbdf13e5566d37810a1ff7a13189a776521d0ed444e2d76a4772484290b39806943dcecccf2f229244c2253c4a58087

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b49b1934ab8b2264da9eb3d3d9a26a8c

    SHA1

    f59d846e83a74e55a8a6da8646c44f7443fec513

    SHA256

    c80324d54f161378255b6fc0fbafe5057d5eceb9ddab43a1e524c50fc1dbe23e

    SHA512

    ea57399d2a420ea15dd0ca530b9f00dd590ef5846dacc5124079a2b8c81fe9ffe87e3431cf33599b6d8f5084f536f82906fb052d97577c28fd7fcc1187ab777d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c2c7aaf4d35a94666bd9d4f376f3ff5b

    SHA1

    6814cda7bdf30034c4a4423feb72ef43a37cb273

    SHA256

    227528ec49559e656c5be5fb04732355f94249e4f31949188a17824893551513

    SHA512

    95de67237a8b32f6453a610638ad815801987a4fddd0ac3231115db5f6ee4e9621dcfae8b3c12acf1061b64c8d09861f5fa96f6421c623cfbb983e14fcef8ddd

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\Q73Q2YZ5\www.java[1].xml
    Filesize

    322B

    MD5

    9f449884189b528ff31c716a570aa40c

    SHA1

    45edadf25131f51bf49c34f20211568c3a913100

    SHA256

    204e79f8005847cbb02bd7a5a22d39dac01ee7c911d67d4480bbc891bcb0c943

    SHA512

    2d4609ca3cdeb19191ae9f8ddeee127857e295b86f7d39c985735342fabf7f3a028b40ce464186c9f5b3d847e9b3bcb732c191c19d977379cadfc2a731f6303e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\Q73Q2YZ5\www.java[1].xml
    Filesize

    397B

    MD5

    5af034e7b066ccdff27dabd6d14a5fce

    SHA1

    7f2082aa544cfb9f8f3631c8ac1a66ef6f964868

    SHA256

    da218bcec6d14779f3b2a7883c6cc5981a1c391090bef27ef716869f353df2b1

    SHA512

    53e27c195ebaacbe022f10e3fe2bc183788f7f69f9fc43dfc3f539856e7c84532114c3317c87e9314832bbdfc4abb540b1ad27ef51592838a7ae2b73de9f8f06

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\Q73Q2YZ5\www.java[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\e1ur8h2\imagestore.dat
    Filesize

    1KB

    MD5

    22069ef41b04270f16f896754a10455d

    SHA1

    c25f3bcd4f083af430151374149e92513b3df186

    SHA256

    5a7b57a1872579b8126c3a66204eca8bca3d630d01e24a66c2705a49aa0ab0bd

    SHA512

    e1e7c1bb44c1e50a8a8716908de163dfe1121cb7d6beba2437d304d205a7e263b19deec14f4abd4e5aed82aae1daeb5b1d7e78a55a0e4bd7c65f77fac24cce81

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S8GI6B9B\favicon[1].ico
    Filesize

    1KB

    MD5

    8e39f067cc4f41898ef342843171d58a

    SHA1

    ab19e81ce8ccb35b81bf2600d85c659e78e5c880

    SHA256

    872bad18b566b0833d6b496477daab46763cf8bdec342d34ac310c3ac045cefd

    SHA512

    47cd7f4ce8fcf0fc56b6ffe50450c8c5f71e3c379ecfcfd488d904d85ed90b4a8dafa335d0e9ca92e85b02b7111c9d75205d12073253eed681868e2a46c64890

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4943.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4942.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2212-0-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB

    Download