Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

28dfe2ec76...8.html

windows7-x64

6

28dfe2ec76...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    09/05/2024, 07:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    28dfe2ec768d04d5c907f93ed0c49334_JaffaCakes118.html

  • Size

    87KB

  • MD5

    28dfe2ec768d04d5c907f93ed0c49334

  • SHA1

    574f45a27a62e720b6ede19139ebde31e7f9e293

  • SHA256

    b710f3ed0ca664b8bc3481152e34e3a6a76fc1612b9a5193d4ebdd103f2b45ac

  • SHA512

    40f9d866e60116208af6a9789b56a833324ef9306cb78af2ac059dd69c0cf403db8c0f68c9af738553be46984739c2d728269a51965381aca1cb65043889d346

  • SSDEEP

    1536:ZQfGDxJy2GEGsVn/32nTeHJkBsFZfOMgKMdiE2zFvlD18hmD1cDCty1rnJee62au:2oLZPgdlXxuHclQN0YHmL

Score
6/10
discovery

Malware Config

Signatures

  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\28dfe2ec768d04d5c907f93ed0c49334_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2360
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2360 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2104

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    e27781e103dac1b6c85c25957b330693

    SHA1

    3c7713381f6fae91f576a844c7bfa1852be47ed5

    SHA256

    eb02732e520dbb22897ab825162a8630b4ad5d772f342c2ddb13958a50728b13

    SHA512

    69f87d8ee223ffebb3fb933800325973ae513b287bdb9ab3685ca9e36c66d105e791d250e29882a6902315a02b27059d070a93145fcc05da7c7e9757995932c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    efe1c4c41767dbe8693626caa9e37d8c

    SHA1

    b441f94639cf626c06e8769d4962c3008ebee910

    SHA256

    44a0de6bb61cf4b44698e040a0be6b898d31fbd91db527f9bb6f8d03309fec22

    SHA512

    5476a1c2470d2e2851c1b3e26095fa6a1331500a30037657e3a0223007bdaa3735df01fd44366cfb6ad1a2da40ad0fefb6b5cb5f3bff7e7719a5ebcd8d4d6fcc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f06befd9b54e3ca73bbf92586e2cadad

    SHA1

    15176d12c3a147e149a2cf8ed146799bf6654459

    SHA256

    f48400b041d3524d5bcf26d200ae56bf560d7e88b5cd1957ac2f767556186aa2

    SHA512

    88d69eb6c9b780d3ea7cf5b472c4e38ccad5aa3ed7ad850c5e0b39d335413967a40ef09eef1ec0a0b09aa90820f7e80008fce456c38ab57b0266e565ae2e0228

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    93814b18c0d3c2797ccda1211a4b0c51

    SHA1

    ebdf87250f1b2be110bf72f5f88a22395a79b6cd

    SHA256

    783c1613f335f697df1d806148eaec78d61f2824a82c004357cb25db6a2b7e87

    SHA512

    03ab06ed60d4bdf157f90b86d35dadc5e2f8779a4ed9cba68fb19bfc5f223a61a01abc657aea20d3c450c0fd6054b0812e8b304efc1b170b66795557ee8c5e61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8dc62cfba11126aa3dc803509c5e1da7

    SHA1

    bec44cfe39accba3686468b2159a2c6adb4e454f

    SHA256

    b7833c773528b8a17a7e05ac55ae220f7f8e8324ebb4ba57193aa4ba30d43fa4

    SHA512

    8cdb7ea5e84925b39d2c41ea8060aa72b8061d5b14645b6cdc95afe7333ee50eba07a97f8b5748beaba0ceccf94851cf1f51ad78795dabf576426d51a80a7b2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4c4765d00452b4a20d5472ef19e082b3

    SHA1

    8903f704e3efedba5af11c5d68c67576f2610c00

    SHA256

    a608527cfab7ed50e2e24adcc8304adba526282bb3ea5e2e0cb2d9595ae21603

    SHA512

    a35922dda37b8894581282e6209b9769e6c9625596739bc204bf8235021fcb942a9922b6c12e627b363e369c5da386f2c2653c4c38cf9eb0584fad8d5ae4b8e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ab6882adf2464f1e8961efee3a4d0bff

    SHA1

    70fc3fd17617585e817ab18da31f6911e3781930

    SHA256

    fabbf2e567e8256265acd46ade53d9da1721872021882c262295ae19abe50ae4

    SHA512

    16c14f30faa496260454714e71552ec04c411c415cc06138849f236a7b5b53f458edc3fc5db0d34814d4fa27dedf2aff4a8b1c4649922efaa31fd1c924d921e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    668e37ddf8c78376cf33b7f994842e50

    SHA1

    b3683551c77f2bc6516744cc9fd1938296f92610

    SHA256

    798fb3f2038e083985c48c6f19633105750edf9283d174b0aaed42f445f10e1e

    SHA512

    c33bd70a021a294cfa1178cfe806dcf7c258b87e95bfe868bca5f7ac412869df73f13d127a760309e5b18d7b392da94e17247e1e3f8153b226b8b0d55990b432

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5c99b7cf125bf58b448514560d00c2f6

    SHA1

    39d56e65a7af76c2bff06a66ce63e4c3106a1942

    SHA256

    f965fc29d2604753b1867ff6c30c5deb218ba9d09ebf6e03ae49a9ec105b6d0b

    SHA512

    c13d16523ed5214e3a22abbf4123e47fe67351a8e6a32c4a8a835bfc0a520d8d11be42a417817892538d30ed460fc3d9324356226379a53f9e8a5d8b0a60ccf1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    39a84e60cad9b58b6568aeff29b54b4c

    SHA1

    5cdd3a67bf7c13284c1a914465de9836cb900e22

    SHA256

    bed406135b525cc9162ea0248dc0973cde3553f7bdf281624c4dd7c00547ea64

    SHA512

    695569cb2d41a63430b19bacf40e0a230f27101c01b2cfb9b6f23ef98e83aea439bafbaf136489a88b686f35dee8ed7759f1964c04a25f09c53b2d081584201b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    71403c1088f2c8f6c67f6bef4a3d9499

    SHA1

    e9cf5d191875a154c87f5f18169608d857ced841

    SHA256

    e9f60b8f0dd2fa90722ed441d907cc72bdbbf7a4ac7c6803b3f2a8539a9c052e

    SHA512

    e739a1dcbf52a5910db6276b409bcbbe5b5f57e39762a12ca617c720d957cbc1e20b1f4ab01ec846113375c7445591824e621926533cbadc65efaa979dc96753

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6fa2fa2d6538992525569f96065e4ab1

    SHA1

    615e1821924be13f8b8349f53812d1cfbbd2627f

    SHA256

    8f9d3c0e9de3ea7a922b27744485412b11c01cb791dee6d526a353f98101d0cf

    SHA512

    3237f59c41d7a95ba3a2cebfd31fcc16b38e338e51e5f6b7224cc23035e77c7a17f073b94ea1dbe949fa0a678405449c5938779825f4ca2ea983d1a628673be3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    371deb1d2699022958e7103677221b7d

    SHA1

    83f225ef3d25a775ba81833bd396e312c09ae0fb

    SHA256

    b069ea3dd1757414f8da09e0f09d86ac7e026791f60414e9e9e964e1e57c0298

    SHA512

    a8df9b2406d38464b2e93c43952df1dbca9686b339c9606b79e9d9c570225d945dccb374ab3bd881386c18ade527d565832b2efc03301c4969fb469bf41c8c0f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I819HQXH\css[1].css
    Filesize

    225B

    MD5

    7c83a8d976c4c7ae357d9fd91348abaa

    SHA1

    e3076c140ec7c3aa49d14cf4c668d88bc30b17df

    SHA256

    462d5a4a422ce5b956b086c4395e0909416f316f6a9a9c23c31ab2778951578a

    SHA512

    1725e2eb4d12c6a68f4b35a112416e8c70dcf9b26193906a5ef3ae016a3bb5e0a665ad90693f19a011395a23bae00d5227b6525275b3a5b6d6a9eacb562e07e9

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RSAB58HZ\coinhive.min[1].js
    Filesize

    1KB

    MD5

    2ec43720699ba70c89f5adf211fc3138

    SHA1

    798ef9a5855d7f56b51825856cd84ce0356cff0d

    SHA256

    39f7a131d7976b1cbbf08c89727ba5c1b5c384152ed65bc83198bca315be5a88

    SHA512

    ef8f3d359eecc4e4234e18ae38a5c2e908bf352ccbe518d35cf956d8bf38b699724ef3d673c984625c2b725640e5d3bda45e363cfddcebaec2102aad7a34c0bd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCEE.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDBD.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD6E.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDD1.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit