Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

5

fa76f971c9...18.exe

windows7-x64

5

fa76f971c9...18.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    120s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    27/09/2024, 13:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fa76f971c9691516db11d8c19e7956fd_JaffaCakes118.exe

  • Size

    13KB

  • MD5

    fa76f971c9691516db11d8c19e7956fd

  • SHA1

    ecd1008c5085368868dbddda7e6b45a396312b24

  • SHA256

    c15ac70a4733b660b631997be6fa2fa9b19359bb9c11452305914c81f1427a8b

  • SHA512

    41ba0d397c729dad7d83a3ac93a657fe2bccd03cfd1dc94c30a03dd9d2ea389d1d12c36a38f1e52970954e5e89dc56fa8107e9b031793d0daa0866532955e8be

  • SSDEEP

    192:Q4yXWUK0o6TEGkwv7E6oQtDzr9ZCspE+TMwrRmK+vhOrw:Am7AY87NoReM4m1

Score
5/10
discoveryupx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fa76f971c9691516db11d8c19e7956fd_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\fa76f971c9691516db11d8c19e7956fd_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2296
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://ads.eorezo.com/cgi-bin/advert/getads?did=433
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2008
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2008 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2388

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1949b60359970b1dcb0b8f0ebfd33f3f

    SHA1

    7dd5eefd79d226e8b03dbc42308bad61836e862f

    SHA256

    d93c8892217aa700a20fe4b130f264f9b0b4a0a9d3193d8be310ccd07800adf5

    SHA512

    9696ec0ad59615383d65b78ee105ffdede202f6b7ec6e14d924b9d8e7994575aefa53ed5ba0776a4a1332e082a19426aad439e4caac9b6aceec27ada2b6ba717

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    384d94dc71273beb2bbc6bdd7a97890d

    SHA1

    551cd815f8b63c9087cba612dda41773aa4a18de

    SHA256

    3b7ec3156af7a009d31116e0bfe74df5a47ca62110c17b23192333afcdc411db

    SHA512

    86c6e9ed70ea9f295bb4c9e679f7de63eab59b908e4fbb5d938550fc1c990d5492aaea552e4050d104660886b4fe4fdd5c611af3507c778c604399e6f6b79c9c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    852fbe73e1a44746d2f8cecc24048b11

    SHA1

    4e2c4016aa03f968584522fd385dab9ba4211d41

    SHA256

    7b9020372021da8c0dac4b6038057f8c140456d67cc022d36d480f00d05d3d64

    SHA512

    6aa13698e0909fbd499b25cbc98dde5ddf65ce1869479f3975506869ee46fbc2fdbdffc4e51c4439ef372a45b2b9f65482f7b6fc31139ae4f4b378c8d627f14e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    23d88d5997a86662d729a8a8795411da

    SHA1

    3bda7992a2e4a754e324e9b16ce571fb19d98c1c

    SHA256

    b8286fa4c46ce84ec3ee73bdc822dd4e384c65eca9d5dfdbbad837a04884aa7e

    SHA512

    254753e739c359f1fa3ae341fee37c82a7d0c01ccc70235b8db879ce02de07401916e0d779af67bd2286b43873ac76b137094247c205825c3297d1e402f2327a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    155f886bf6288f859963c46b386428e4

    SHA1

    2aa3e14594b491494d0ac6d0ff09c9fdafd59b0a

    SHA256

    dbf844d9eacaf70899f99ec4a4acc9dab1262e92431e25c457ba63e3e29c19b5

    SHA512

    58f9efba876692fac83c4408d9540f04b70e2fe70d821426903cd6c257e8a4a3cef1cb0bae429805d0b39e9b9b61f875eaab512a852c03f79dc637fe693b6b44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ca9d40ceaf8f6185afe285ffcaacca3d

    SHA1

    9f8193a184e022eaa9417293787f48c4a3258759

    SHA256

    7e361b2d81bac0ef14cbcae3b95fece380f6ac11c3db2cc4d538bca59471bb17

    SHA512

    cd090813ce06bd294f1547553f293c6298633fdaad205d4dee8d56e0b006bfbd53cf9117668ed86ed7483fe84ce524b893e2a45aee8aa1fdf20f9a5e3cf448bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b497e781b82ee4e4914f140235bd44cc

    SHA1

    05215302103563d86737fbeb25582356fa76be18

    SHA256

    898aeea96fef561cd3bac6f726dd1e38ce17cc5d3ef9965a448717c19f669f0f

    SHA512

    af727dd17cb041842ef61b464220fc0cd0addabd8451129c82aba0a5528db4db75b716a633339b139e21be7e3201fd0cb2f4dfda79c9227bbd9af089de3ee6d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3d530bfd5a91c18dbb9f4a41bbf667e1

    SHA1

    de4d1a2c5eeb9578c80073bba9e27faf7c1de19b

    SHA256

    23d3341301d712b06a8a84bbd775232d92669fe944442b227bad30d8ba3d6bae

    SHA512

    9c9a77a4efd59c4e37b1c3b6b60c9da24ae5088c02febc6fd12dcbbfa85ece8c816437046fba5e6a72000e1524adae63b61b902790da2b0f872073fcdb6dd460

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0805ff0ecb705995b54e7fcfc787e59b

    SHA1

    bedbad74d833e3a3d2047f82022f56da6fee42ee

    SHA256

    ce88761fa855989e0c456d08ee4856d843206d9b3f5259add852ae96d7201fb5

    SHA512

    c36255027c0c95b27a17aaae5184b5520f9302390b3bcb6b7d196add43e8ff7b41ae6aaf960dd528f336b098865039dc009f75364fa0c97a1d0f40a4e3459ebd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b224388f43f080b837bafcc5dc708db8

    SHA1

    045ee98d09d5270310beb646d712ed08a036aeab

    SHA256

    9551740967dd3b1956e6b747162afa7bc268dc08cacdf2a2e1714b42f7592ee2

    SHA512

    eb1461024bbce3cb01f0f31b5115741f5219ad4bf207338bfe56ec591bed88ea6a9b55cbb92e38064784e61b9c13bd0048ab11503f6bbaef045fafb25edd4036

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d2185ccd32ab309e4901fe48c542e55a

    SHA1

    5ce51ec309d35a4c8a2c31b833b6eb9c09e04568

    SHA256

    1e0227b99703e19feac7a076fd8c7476bf45cd06a3eb2608a8fd8a49a0f058f1

    SHA512

    5076ccabd00a0399c71c16270280b47129124d8569fadf17f295f073797a6361f426c8ec92514c6b97dc3ac358409b3d8ebf2c0743ea49d7dee6db59992bcb45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a6c04c13796fb626279938e34581da5

    SHA1

    f5e7db56fb4c72c4d159a84f4757cb755022859a

    SHA256

    fd96ef5bce6d74243ea0e2c1b21a5bc5cda90dd2437484679368567cd82392ec

    SHA512

    dafe43be6f16251bfa7a31efea649395499824d177a0b689a68773f53388e194ecdb87bd2e486abd5193444f609173156bf623bf8ebb25587295a4b02b44043e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e95e2ef55b7d6c171cb0b15b26ac8f44

    SHA1

    f7488c4cffc789fc3bc77a59edad8536c5d73034

    SHA256

    e8f5740dfa216a160ca906c556689ff4fddc4278f55e96b1282ca9c4788d3bc4

    SHA512

    e663e7d5c775e9ccfd19e4150dfc44c6db5c9f1efea4a67ad6173bd182acffc1e57916b2965cbdf0ec33a9a0ee1596f8c3218781cab56247fb68e8f2c3100f3d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    74a33ea3afb8139f5fc064502f56ddc1

    SHA1

    821acac836d7707fbf30a898d39ada94c8972ab6

    SHA256

    484c0639c1dd940710e623ed8bafe31fbb429c471fbc1e2020977038e47133bd

    SHA512

    0fb68c18ea37029a42b3a27cfb72402792bf8cf12dd2b940f0bf4c56990acbc4883bfe0f2128d4dce1cc1eb8b53b5532883356029958d0f9cfbee475e75f5c6a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    06f504c2d81af698d4a785204f8f1c61

    SHA1

    ce3528f2108485f2d82205aa01a1d803324d7151

    SHA256

    9bc6d2146852cb04918912d99fd0b5819c3f0d1da8d835688e21fde85399ce53

    SHA512

    7a70a6bd59a157f4d7c4356a2826887ed898e796440a4b73e940743a0dbf3b76166ec060baae01db0fd3ad2d7d1c7bb2cd75fc9b00a535c88c4f85bc9c5b899b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    81220027b7673713500e8577adce8b04

    SHA1

    331cb82af79bc520868cd30027c54f38424a18f3

    SHA256

    7eb8409f9b9208d41f1236499868c3a70dd1852440a302deb733059322f1a322

    SHA512

    fd84b85715c460733b8e5b011a460454303dbae79e3e71e78eefd25a6bfbf4971fdc02cf586f46c6c02eb6d8df15a761f5d60ad2b7a13442bcec108482751f45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f4f6093a388d6de2b289318d15a476f5

    SHA1

    033fe36c06a38032efdde441ffa69e771f9b9903

    SHA256

    36891d1086a2f38af0e6c09aa469d24a1c4e331f2534939717a7e69b4adb1b28

    SHA512

    c627c8033a37deef36fbd9c007bc6cc17ff828780a17bf383e33f808b075545eb4f0cd4bdac424a31c4c78cd35a5d2591fb06b777725bc961d60d82f4a1ec456

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFECC.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFEDE.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2296-2-0x0000000000400000-0x0000000000408000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2296-0-0x0000000000400000-0x0000000000408000-memory.dmp

    Filesize

    32KB

    Download