Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

3a7576e7f6...18.exe

windows7-x64

6

3a7576e7f6...18.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    121s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    12/10/2024, 14:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3a7576e7f6da2b1b9a3485f18ce268e4_JaffaCakes118.exe

  • Size

    528KB

  • MD5

    3a7576e7f6da2b1b9a3485f18ce268e4

  • SHA1

    b7b640e15c95e423c3949e3998cdd48bb41cdb68

  • SHA256

    0e3d90892313078f3085e06c71012ce88e17e1bd8cb2f84981c8a36d58d9509d

  • SHA512

    9416348ca418e6a97dc868cc6527a42367add61e6b3f0ce5023bceece97cedd1762e3db7dcaf27fcdc8d6ad828415edc4e1223cd3e2385be68522dc764e7fd54

  • SSDEEP

    1536:+OmcxxJvbhMl6h5izUofECi7rJpyi85O+RsCAdFQ5+P8Mr3/fYFmOq3XdTXJU:+jcxtMlzdF6FpC8+RsC/5+UKgCXlZU

Score
6/10
discoverypersistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3a7576e7f6da2b1b9a3485f18ce268e4_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3a7576e7f6da2b1b9a3485f18ce268e4_JaffaCakes118.exe"
    1⤵
    • Adds Run key to start application
    • System Location Discovery: System Language Discovery
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2636
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.youtube.com/watch?v=P57zN2Z1rAU
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2624
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2624 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2436

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f3fd496b587d43a66e55658a63073516

    SHA1

    5fd0b562d9d17bf8ccd779ceea639183106045e9

    SHA256

    109dd42952cfb10ba42725f5f00b52a7287feab280b8f61a178b19dd6876012b

    SHA512

    843797238f08411ba8c9ed426120d15c6df60b5209cfa51d1479b1306c578049477026fadf2c32c3ee74f0eb7245316e7f917b263a2017b8524cdafa20383928

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    db1a0fb793143b44d8b19e1aa2f82276

    SHA1

    8bcc5edc72ec3e31a2e0ba6fb8e643e75c63575c

    SHA256

    38c9e4d5c1461f52fcbff127a1bcc10e29df2be5501ebe7fc21f65b9a35f7919

    SHA512

    da7d58627bec09f2ac8f490088f6fa677678d3d9be90eb759bdb8dc04a9b9425bf3312f7b1d6bbfb87d33b5a052f7149c94b99501401cc6f276b93b4988a82da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a3e730e22b3623ad38fe4073cd03e311

    SHA1

    bd805c91b517f2125d3ff30a2a8384e09a709f42

    SHA256

    09b88a35cc3e1064439f59b0d382145869aca6902dacc1fb258f4966b835f9e5

    SHA512

    21530cb2e28825ddec955fd963071a1be7211c708b6b6b5ca99e0307ebe24c42c1acd5671b8ab4c74d8d7697293c188c9e2d73208a47a0973a1e62490429935c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    65b5c99151a2c44433ea7f9317d3e3cf

    SHA1

    f59a7594e0ca2401c0bb07bc905c713bdbbe3b1b

    SHA256

    88a092949883aa2db10dc7c374ace8868d78e0588a56cdb99a4a80ef771234a7

    SHA512

    c6416508e5b23773e069c215372dc9dd51da7fb44e9a7d6a9f34a9784fbfb3222d680f00f9113533d2b0176cdc598dabfffb0fb2ac5e878174b133fe9b31c229

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a9567a827d30762ac4fca24ac484cccd

    SHA1

    0587ef794ef5f0df244003cd37eeb3d6f4124a1d

    SHA256

    f9d7c3c83f5f88bff6339dcb30c9395f78223990c22c3071076b970a7cae6ad8

    SHA512

    e1d3a230501a7969936d79a6646bcf4d2de7a1ca0a993335ef589b5735b7cdda8a0fc907d6818b9d489a718533e6b44683991a24354288694efc99ca6cc465d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c8185c011bfb4462a07214eb087ad974

    SHA1

    f67cdea9084f67deba97bdd6d8d20886e0333ef8

    SHA256

    fcf9398eb3d5f2ea45d26e839362a21916a744d4dedb909e182f25eae15a1e8c

    SHA512

    7080e4983b8610db61a3d7a0f0c88e90c3487c950081d4d539ccefcd2ad482b3b4c6eb063abb57ea9bad07fbe233d4602b13653de1270368b89603f60e63ae9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    46e2be92d8b0d1ef9efe68440e1d7dba

    SHA1

    44bcf26676b967dbcee198d686009b503c76591e

    SHA256

    7d1be4a394aba64a4273dd309f8f09e1622b9738be151ee0a33c6f141af45fac

    SHA512

    72e7551902dc06abd9913009ec2c46845ab268a0a9fd62fd685f6e97e38b052773a1a92746795b3f81714d025fd35c7f39cef04aef012be6e96e00c454c5437c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    02c2d2886a46a37cc36cf0db94ba20f0

    SHA1

    b26d754ad9800debc981c781b7805a7cb862382e

    SHA256

    2129a2daa135b493e8d96c3e793cf597fd54c9b183220890c143a1bea4df72d2

    SHA512

    d4a9435c72cbc9afee5ac40f603dec9f6ab38604b025e99493f19756d54ca27fae6f131c3f1da01e89d79bb354a9b0863768c8333f2c648a4d860928bd8183ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c87bd887fddc2116424caa7e06361700

    SHA1

    6e7e421967484f6e4200650be96ec6264291f460

    SHA256

    de2f03630a770b22e330d5762fc76f1266d193d7a53a5299b483224bc53b848f

    SHA512

    0355a7039c5864666f829cbb0415c2db9a9cb4d66a46cab8feb586b89ad620c217963bf1e7c132b209e16c8db9a58427ad998f57a46ed12526ea35829dbfb379

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    60d117ca6781d9ae2c43aaf7b6ee5b8d

    SHA1

    086ec1ba60cea76ec0078e6b7e131cda424811e2

    SHA256

    714db9f94b9cf6e9aa8c609ff7b158e5280cad3fd465ff1967ba85c71e14061b

    SHA512

    53125ae5ab6c870bbac838eae78b2b020c6438b08e782265e333901dfc0426185b9677521c65faba534ee4ae8bf107eda038da1b4f71a2438ca2398e3c29a43d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    46d9ca1f03d87bf8719c19c9e70546be

    SHA1

    008094c945fc112694142774c65f56db4bacd762

    SHA256

    2fbf582649f9c40fe793ba1265601d09b9db37e7e25e05fa241901a6460edc38

    SHA512

    e5887a55da5852007c07aca84d321afbcff190622879f3ed160df869f344e42b6d44fc2561a1d78dabb23111a74a03c639c61a5e3fb40218d7ddaf49d46e4530

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c740c4c95115f00aa15fe1c49c407e7f

    SHA1

    d2f190c4ed6ab8600223c37c0d8655f61ca38efa

    SHA256

    9e8d0134b3e2c767eb350dc8c30698abde873577930ef755aae026905047cfad

    SHA512

    0e6fda9da415cc6199d405f726b3cc1624e838a70ebb5c05cd87a43cb57488f8568dbae64019675e65375ac63892033eb9f808148200d473ab8698d7caa2bc47

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    61bfe2b6b753c47ec04400e1deac5f10

    SHA1

    17641532266aeb62acb950d524db6292495f206d

    SHA256

    855df0050a92d87f8a33c527f219669fda1761b99dd1e7cc878ffad79674535e

    SHA512

    51b275813953158354e8e84253f2222274e3fa5ced014f8a3dbc5f55c9d3b44ca417be0e7c5ca0464f38b41cc6048151da30198977b3db8fea8238b0b3eb85e0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    06bdf362547de65d176e7fe815fd7be9

    SHA1

    48a7e54ae12ebda307dc203544930a8ceece1ad5

    SHA256

    15c4cd1808a10f6537d546d66cd1f655594ab0d6b14609c0cee9c5ebf1cca36b

    SHA512

    5694e08221d5af8df54f50c31619468243c6c51fa9eff2fc44a27002eafa088e8cfd131cabf530198d6a2c7bf2cde7ea75947bb1f0f3542a5f92968c8078b47d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a5f24328ef8cf477eaf7dd2e3959c2d2

    SHA1

    17d145064e7214ba8285ad8dc4b9aecb34bf38ad

    SHA256

    6006da22f18f7c8b32529cdbf850715f248f760ce213d0759fbdd87dc0b3b3bf

    SHA512

    99fe2f0ee83416e085015d69358c8462cb2e50b7f670d601154d2aed412cede55fd7b564c71dc5869ef4129d23def33494b8061142cd229fd3df00a0d572bd06

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c8e03e8d2f833f4c6637bcd13cefe5b

    SHA1

    f2c6814a28e2ee37e9db771bcf9a2f46ef3ef67e

    SHA256

    baee3adfd745f2e1a4571b0bbd983237bb3c6e650442735eacf2a1e987a42775

    SHA512

    7866b1083003e91c21b5935475e7a24bcf27197a43014030d160fada43b1880c14bfe8b98c32990d964ffce4245b360b55cb99596fab9dfe6ff9629593c8165f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8a9d683cd9f51f886b3dfcbad175bad2

    SHA1

    cde0a3f64302534de338b7973436336c8f3a91b9

    SHA256

    c345e108f2835d8a35fb30b9639eab5a7de12a08b9149e57bab8c2a7acfaed67

    SHA512

    764882eb34a32340f1d078a3d80c7503836c967f0457e21ad3c52556bc6551f5826f2b0d1ede99b0012b859c7cb941e07c29f892b12783b7cf620b9324acf845

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c113ecffc2b196242e18ad52e1aff505

    SHA1

    87bdd3e5b0a5c34f1f32b6d1aa2286b0cc07cd4f

    SHA256

    05df2651e33f4977643ce2e1c1770b947c9aaf9ef3cbc87ba90babbd1f986cdf

    SHA512

    d1a86fb103df8e54d6196721663d3567e60c1c58ad492d13eef2db2786e078d0456e798c055643d0cbfff79e66ace8509ce08ab97c85e3fba39187291e40f92c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ece3e33c7ba3c47805b59d5d21f4ba02

    SHA1

    068ec5906ba207cd72bd2355aa44bc53d14e115f

    SHA256

    c34469a5c02ae562bebf90032619b58e00e8c377614bd37d42d701cb5977f6a0

    SHA512

    a529330a94acd720d5dd3d1364e37ad6e77f85dce2a303e121493f8bdf457bc5c229f74e08feb72bb11fb0eaca123fdac925b80e4cbb919fa0776aebda3e6a8b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\z8d0nzh\imagestore.dat
    Filesize

    1KB

    MD5

    af33a1ae0ba9746ceadfab592035bac3

    SHA1

    9d8f1bc4c363f254fa56ce5e88add414b8e998d8

    SHA256

    bc90947315d60703fed6c44fdc4c0669ddcda1548e8159ef77dee610098fd664

    SHA512

    51f708a9558750a13c58a0b3dbc43b06fa0a557d54ead8728a8ac10f81e59834e4a402af00219fad34d1a690c41b6e1481f46ea9be621847f5d2cbd32f38e446

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RLHRIIGD\favicon[2].ico
    Filesize

    1KB

    MD5

    f2a495d85735b9a0ac65deb19c129985

    SHA1

    f2e22853e5da3e1017d5e1e319eeefe4f622e8c8

    SHA256

    8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d

    SHA512

    6ca6a89de3fa98ca1efcf0b19b8a80420e023f38ed00f4496dc0f821cea23d24fb0992cee58c6d089f093fdefca42b60bb3a0a0b16c97b9862d75b269ae8463b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE5ED.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE600.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2636-0-0x0000000000400000-0x0000000000484000-memory.dmp

    Filesize

    528KB

    Download

  • memory/2636-3-0x0000000000400000-0x0000000000484000-memory.dmp

    Filesize

    528KB

    Download