Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

4fa0c24b76...8.html

windows7-x64

1

4fa0c24b76...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    17/05/2024, 10:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4fa0c24b76900d29eb4db89cb01e576a_JaffaCakes118.html

  • Size

    226KB

  • MD5

    4fa0c24b76900d29eb4db89cb01e576a

  • SHA1

    9ebe42e48f0ef172e547473d2351c16f8d9a050c

  • SHA256

    72f6a57c861c9109f7aa56f49b6dfc50875b4deab82e984df761e1f9cb756ba4

  • SHA512

    12e7ff811106a150fa51ca940543f83036d1a2c072bdbaed958c320b714178707440240fc4bbce857f2b529ae375ba43dd4d8a79a39a72659ed38398911367d9

  • SSDEEP

    3072:SOYyfkMY+BES09JXAnyrZalI+YuyfkMY+BES09JXAnyrZalI+YQ:SOVsMYod+X3oI+YLsMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer Phishing Filter 1 TTPs 2 IoCs
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\4fa0c24b76900d29eb4db89cb01e576a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer Phishing Filter
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1756
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1756 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1828

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    844f6b6f1194f010ebe0e6326af8037f

    SHA1

    cdcdc9d3d1bb3a641b58f528c07c188ee9eddb19

    SHA256

    d937814a2f646c6c681cff7582bdf46e3e0d7286d9c6a8e4c737084909c61d42

    SHA512

    5f5ebe56b731f4482ec1516aa0e904e3f9e91f420937931b088ced0e08bba323abbede668142806c20e4d28b765ec25b5cf0829e57964112cb1055c6beb24e54

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fdeedb816394e12145299afedb50caf6

    SHA1

    0804ac1165fb2ee395a3e83a17cffe37e021bb60

    SHA256

    0938f8c9e94851591f30652714a2c0a54ea07e7d1cb57ee7dd0bde304608dc1c

    SHA512

    9215e420131aa05941314ac5845f358de65e8cc13aaf159798ddffc325ba5dfffce3def9cd000bb3d0c9c612ab894356697d8c11494255cb258fd1a0973f474e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    71040c2867591e7ab35fb5c2c648dafb

    SHA1

    1f4e3b8d565a9ce717295ac54d121420e84356f3

    SHA256

    b636b836a1fb56f13c46e0d24a297eb4461a32dec1152611239798fa71dbab3d

    SHA512

    939eede9de769bc4531a3c05fa6b1a7c412d744cd2e982e337f4376377ce9772c37ea6a029b34eb7d2e25ca09d442125b088217ab38fa60a37212861aff90730

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1318bda1162b422076ac0f5556647e88

    SHA1

    96fba01f4e76f6cc4ed5c42145168b1b03dc2cf2

    SHA256

    ea91c5e523b016445e9d1ad676eec269425ed5ee2ba60db602a25e3acbb61be8

    SHA512

    2359d0c3bbceacd332766b6a03573dd14a53e0ecf5dc08857f6427c3672d2bff1dfcabfbfc29fc1184e44ee90d0fcef003b6ac752325155f672464932bb8490a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    05f4c38b18fb92cd914c4ab6fb73519e

    SHA1

    892e031485bdd3c3e59287261cce29de0d641bdc

    SHA256

    20713235018324be0bfe90583a7fb08a8006365725847c57ac2cffe6104c7cba

    SHA512

    537cc8a5390a3a6069e4facff856845e2cf12770c6fbe2dd20e75f50d516076ab58dd9ff28df49c2611c13186b7a056524947cf8655e4874a38b554507878aee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cb1babda1a17afe855f078e995df51fe

    SHA1

    eedb68c7e8dcf4832f499556cc53a3b7daf9dbb6

    SHA256

    5291dd35b7d9093340ba5a681d5b4b598492a53248b6d3a1584f84c30d74549e

    SHA512

    1e564427435354e85a0f5e8f333f07e7786a15c2e52145f49670fe3a8c4b35d95616a03b41209c2fd6c775f79f24f8f33b791d5bc80347d4382415819162cd75

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e55398d3dd6d4b285181baf8e1aa8978

    SHA1

    e4514085d21b8f6ba7b35a2de15fe1d67cb43da8

    SHA256

    814e85998c862bcaeab28b9ad27fe8bd2a1627cd551e6b79a73e6ae15ec40663

    SHA512

    d3c31615313017323225a37f5a8813373c20147472579d95c5e6e30ab4fcc2ed0ce0b2a97c679d0b5b6a32eb8976ac82fc9056c5c47d1bd45912ae215e0d8d82

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0441c0deb45891eb45bc4a34b3671353

    SHA1

    295cf8f6dfa1d28bf7e5122815863becbec9dd12

    SHA256

    04180a0bcd6e2aef0fa9b5e0b062eea706143524dcecc9968316da50f41ebf81

    SHA512

    b29ffdc33c61360819004540f7bc49186cd8110e9cfdf40834bb84946671e95c377a144fa0da64f4cd35cc8a70060ef5abd77d2b5a4239b094c63026c4f04209

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d3ca3dcc89b15ece99efb4d7be66d3b5

    SHA1

    37028cf1cd12277fb05ae919e912a907aaddd2de

    SHA256

    7c12fd99a1576d390b01f4f3eb0bbed6a8735d0b2013f8dfddac21651eb53ac0

    SHA512

    e25a73e21b988a0a028bbcadae0add2eb33bca54a5bbfd5ed0b7e2d4a4c8c3d847cfd6137551fe9f7e773b20051bddb98bceae6712dec759909a0ab9f3ec2d0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5333fccd9d452367eb28d36db5d96860

    SHA1

    47bdebac9dd7422641a3d3347acdd7e9d2b2d03d

    SHA256

    f24d5c109113132ca76bef958e7b35551eb27bd39b55fb5ab53775e05c262be5

    SHA512

    4d884dbdc10d2088eb490d5bf4d5381a9f600f4405dd80130b4d671e363f6660aeb3a05faf04b4e71d33426734b9daa12fd3c28d76445a49e60c2db6762a3f26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ecb843a06aa9094895e6fd22abb479dd

    SHA1

    046fc21b2d31cdfe873892d6f607d140a4c7ebf6

    SHA256

    8c2f36c867a63b38b7f03f3153329e9f25f6c812b43ada553ee5a4ce34700f1a

    SHA512

    5af14bfc885ed32baa258c816307a9c6d462bb9133116ff9e1a8a87e5c5cb43ffa1a8349f4a719a86d815addbeeedd4db070b0b01fee5021fe402d00e39ab343

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab256E.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar268E.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit