Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

fbacbd6919...18.exe

windows7-x64

3

fbacbd6919...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    28/09/2024, 06:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fbacbd69197ff0bd0f620385d90b10f5_JaffaCakes118.exe

  • Size

    36KB

  • MD5

    fbacbd69197ff0bd0f620385d90b10f5

  • SHA1

    8de8e79b662ecb8a7a9ba49119972f4cf137e4bd

  • SHA256

    baa4cb137f6e2caa8000b555864710adf841293bd77f88c010b4da35c9fc5f85

  • SHA512

    884d5579a96712d5ffc996bda9ef5223f36e3958714559996da7671182949ad6e008369ea7dd049db270a1f8fcebb3df3ac5751d7c627d348a67df5ce0b456ce

  • SSDEEP

    384:LunLIarFCdm3i7xRyfB1s1fS+XfRyGyX4HerF6ou:LunUarkWitRUBipJwF6o

Score
3/10
discovery

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fbacbd69197ff0bd0f620385d90b10f5_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\fbacbd69197ff0bd0f620385d90b10f5_JaffaCakes118.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:2696
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://abc.50555.info:8080/1.htm
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2128
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2128 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2604

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    260ab484b854d60a918d836d6e6d7719

    SHA1

    83dc8c78c660891591a80909e820106dc6afd781

    SHA256

    00280d0d679d0c03dff475883ae2dd9468dc8919f0514313dd131e89cfbb374c

    SHA512

    a05724ab1dc488ef786327899840bae7264110a86525afab81dd222772c8a1f5d0a33331a0bea59277e0e372642226f9f7d79e320c8671646859d53ba4da85bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cbc18857f7a75053d5afd101f89293e9

    SHA1

    3a5278d599482bcf5993456438e88ed250a5b0dc

    SHA256

    ae701a180b12bf2babafdf5fc50c29c04245b04e40a7758dfb40749b3a9d0ea8

    SHA512

    ca85be20c248a86d8cf4ee72c7ddb286b52dc9ec293afee4b359f0faa862e9fa97fbb294b3f602a1b4189dce0b9b46740fb325ffbfd916cec44153c63ec68f31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    084f648f94f6383a7c409901415ec32c

    SHA1

    6b7ad974c346dd49a61911d9fc6de34cdc798b3f

    SHA256

    0e78dc3ae8fc7c2101a22fd062e1137336dae665a658a10b0b700d38d4a4b553

    SHA512

    348311ac8ac8a25280d167c3eed5e5464028f8a48012b10e6edbf2c1d1bf76729a955a52c2167bef4f77af593fc94dfebe1ed9e81de464509e05586bbfbe0e6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5e3fa9deea9d8831ac1d08e1ba2081c1

    SHA1

    7772f8e784dd7480a8d807d4a3e969b3d99ba08a

    SHA256

    facbfc9c830abaf3b87c94ee2cca864ea80ec6f9be84c6537de70dc3468bb1f9

    SHA512

    775ab55e0c46038d8522494a397f20b34457c2b4d64074108348f32b53b6bf8b12dc257592d6950af242d1f1c1102050183864752555f30e7b8451cda927c51b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4f60290460bb83a711cd9e0f35d34d73

    SHA1

    83b4ca021bb73c3f9c282c7a99587a13566b6080

    SHA256

    656ce973d8ee3a93fe29844f50bbfb1b59ec0795b6b092d00c7fa0685d3ba8eb

    SHA512

    739e3d48968f565b88e93a498e2c4b9b744c55f07b89dc63201101339627ab7350f8dc7be55209ce2a216ad528aa366bb159c839022f305bbda805249c65a148

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ea07a99ea622ea05d41ae6bd51b430b3

    SHA1

    d8faf2b04f1a42f3d9c93dff101ff85e9c82f75b

    SHA256

    40c446a995f85e209ae0b68ecf0e67ffce95c318c7ed76f5941d7458f7b8bd8c

    SHA512

    1677f74f73a4bf922fcdbb1c3668eca2ed3a23a4a1f55912fe405185150b50b7abe65a4081c9845365320d66dc55ce5d556cd6eaeb79943eb8b4997bb6087937

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6db879f1dc1797f74e3f35eb7aef6ecf

    SHA1

    75cf8dde09b9d831ac919d4ca0d9502929ffa124

    SHA256

    49666540b4fef32583975643d21af3bb6ba19804f8699e99503972d6ba842ade

    SHA512

    91889cb1864d7ccbb3f9f8ef905c4eaa9e85457ba117dad91b51637d1493d44b0d0ab1a67f60ae535f97f6746d10e5d81f791ff996372f7925ee77b9d1860af6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    648defc7101ecf76bfc4dea25ee941d3

    SHA1

    30501e0cb8838b8edca2a71aca2dddf462d7db68

    SHA256

    a944d02efdf66003830b836a080e7a32ce131698e9b370c22f5e9314a96f81c3

    SHA512

    6161eab45574a538d0ed0ffabb39f501f51526f49ae48118b525a947485f029a7164f46cba447e1b305b5cf6e83e7e98cacf45e913b8142e5604154d67f6afb7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9c7bda510224f5a2d22a169a81f9bd9e

    SHA1

    e80c690a0b377ced424efc64e5fee0a7dbdde6dc

    SHA256

    97bf6b13e9fa7cf2b4f6b2f79ca2b05ff639967a17b177c77243313623e4f40a

    SHA512

    7add6d65407a3fd9977440cfc717f4ba5cab1334aff597527f240a89e2745a292ffda2f48fabc09ad10517fd91ba7f67db0da0b419dad759b022333f6f6a753c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    280f16935709d727ffde8ed430d09dd1

    SHA1

    9497bd09133e54a78ad61866dbd13f60c0ee4cc9

    SHA256

    9ebd865d7f1d8bc0e34a92446d0caad26a07fbaf6d9b608ec98a0ec927df4d90

    SHA512

    05577331ddbccbeb5723825bbdf8543c49a3ea414cc2f49ca48c00664882c72355d93ea0f1d09ee5360b540a3cc9232636b36eb490508588def5d619c579e299

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b2598fa6de6b67b04f3b2bbae78b3f7a

    SHA1

    8f812837bfcb580327164648d589b032e41aa859

    SHA256

    d1b821fdb893e89e55c42e725f11e7326b4db0461825c75d28587b74fb2377e6

    SHA512

    5ac76c16857b5375b6c096e810420c453261ef21f0cbfb28a50fafc77591a501f39f1a4decc664b8a56cccef054510aa740787cf664eb3d7af727e4e083a1080

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e87528afed095161a8678b5a8f3e86c9

    SHA1

    d10efbd1e801e54f1ce1211983f3b54a533c6f50

    SHA256

    5f944f053dca411c6059b6e5c8ebf0de6425a47398d0820ec1a001bb37b25ec8

    SHA512

    a4d0f24553f5f4b54afb6f9daa190f7f6465a43c7dbd2d94334c49ba7c26eda3d4eeb058121b96395ff66dd0592b4bb48055e6d6e3b11b99e2d8ccd2eb9d81ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8e8eacadfe90a6357e89e889447b169f

    SHA1

    f2d261274328a4b9f271785d8561722c0c1ddaf2

    SHA256

    be07b39831f8628169a138708f13de435b14beab5f050199480f721a38cca4b0

    SHA512

    ab8b80f1e46f3933e7fa528f35b80c51fb3bf47ff6f3ec179b3b46dfdbddecb6a4d80b8b65133cf3078c6f404efbbfffc42862f0f6091a59590546d7ac6f76f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4b6c1e48e265dd0840bf4d11778e04a2

    SHA1

    965deab5dd35915431f5b4a81fb24534c75391f4

    SHA256

    68543462357ccc9275fd1c7c6f16114ffcc78d8310e6b2ea27f3ae0a16a1f501

    SHA512

    d9c5dba1f06163961725a6f58cf713d59de4a6dcc5a1f7349a60dad76f50231598e4c59db3d7625baf9096131b13771f3c66a3c9a364ce1ab05b95d1b45b67c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5586165a716e03244f631af64c968370

    SHA1

    39a627ea83511b71e886fc9961f43f00b0881923

    SHA256

    0d9d114726f033e983a83a0face271adda1a8609619c7d2bad23c3f1ce6d23c0

    SHA512

    108a561a60105f8ab545e9bcc86d640606366244c11033b98bf7222d899dd37b7da7046c1b5b451c4370e2647f7a34cef1722694c5b25ffda8c4c667e2b9941c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dbf2412f5927a146d76885be9cfcb634

    SHA1

    440040b202b8f0d0349b81ffb4d581b917ba4b3f

    SHA256

    a635b03fd9d3c467a3a7ea59c4d88796c1a4065f0e9e86f42a2efc63e1f2b4f7

    SHA512

    56e2966655e998077edc555cbd581aba8d3138c90a7941cb8cc7a09daad7b2077a2235d1f21011a628ae65b285a2e81c777bdbdf0b0b8622cb7573fdee6334c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8c823bb3705656106d86a3241ea9c62e

    SHA1

    27876e8ee5ccbe1bc739be4ec7f4bfbf1f532f61

    SHA256

    f62494a6e8ae66f5575081dc61bd94aa032b81772d72cdf12c4561c6bf7786f7

    SHA512

    fab4ad38f09cf93ad048cf75c12a9d4cf8b34383d0ffbf15843d3d0246bf33eb765f5b01840560d268e91d38864a483791b2c6048e8355757dbd8bea37253b47

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    88eddb7d61b46cb2c75fa3421009d81d

    SHA1

    494c65a18cb8d8e59bdec0e282cb3fe4c070c557

    SHA256

    4dd834837ce556590c1b4bd18c16e93202d08fcc9c195cbb3347f7f26d146a70

    SHA512

    75eff115e1440dbbe3b53294d16aad18cef83ac2eeb6676a9917d6b0a584e2970a14b495b212a0b331ae13fea3a2266d2d14317e391343d6200f40e5b0437d60

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab92A1.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9302.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit