Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

4ffd1b32f4...8.html

windows7-x64

1

4ffd1b32f4...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    17/05/2024, 14:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4ffd1b32f420a433db0add82dd83b1e0_JaffaCakes118.html

  • Size

    27KB

  • MD5

    4ffd1b32f420a433db0add82dd83b1e0

  • SHA1

    0a1a46e68ecc3ff5cf2f2b0511e33a783c855a8e

  • SHA256

    7e75e2890dd2afd13a06c99320f6b54c7106af3cf201a8924f0943e0b118d729

  • SHA512

    9e550d20c8a9052da2dd7049b3c5b791bfb4f78fa21c3fc41d251c12620842dc86d2c554264442b9d2431141b02e8d4cd9ec55c281801884072726120f18b4a7

  • SSDEEP

    192:uwX0b5nz+nQjxn5Q/KnQieBNnWnQOkEnt2MnQTbnZnQ9eNRm6l/fhQl7MBhqnYnc:GQ/kM7dfISjQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\4ffd1b32f420a433db0add82dd83b1e0_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2872
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2872 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2096

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3f2f1d726e461f149cf033e2472333f3

    SHA1

    eca596660849ee77547bdfcf1360d503bad507d9

    SHA256

    78dffc541f0a79c946a70c8397d82ba0fbea7549a651cf98158c132a8f1f67bb

    SHA512

    5c697fc3a664a8061be1ffd6d41cffc66c57d06aab26eeea18c012448c48cbaa5f6dca6d700ed158d7b39c331b833b9adeaa0801db5759d4e77d60ebd3c07432

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1d253dd6c8358866ea725dff29b8c0e4

    SHA1

    89c0771dc47aa60e0e117e96121f28d8123f4ecc

    SHA256

    b89228969e53468ff5ba232aa36f3b6759fe968ab687b23c1bdb1aae48457a7f

    SHA512

    375058e7db29abfdc64b5e492f5d3212f63d93f95822b05f798e1cd46bbbc4e46bfc98bfbd60ab4c8c39bb7e38376a5febf0c26ea6cce51368667ff5f82047e0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d77eeeb2fd2aaa8649ebd5e6373bb61e

    SHA1

    ca0b845a485cca6d99e42dcfad7d8b948497eb31

    SHA256

    608b620d1f3df574d0b33df48dd4480cb851f9a3b7581a6833ab6bbfd49cd755

    SHA512

    bae27487105fc78fad1ea5f098764bdd4ed47c64d0042bb6bd470149439e7c1a354e60c7f8194cedec1aaebcd3a19d454cdd487cb2e1195f107469a931830f54

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    588be8b003ecc2a50f483a8946772c29

    SHA1

    00c486b602e3a7f1ae94c1833ca6e103f8348ba1

    SHA256

    ce67c54e1d65c6f5741ed20132b397e748f631c78af3cc5ef528e714aca51c0d

    SHA512

    a24c979fed52a550930328cefb436f6a2d6ae54ccc6b74b9ac0f656dd0023afa2c1149924db49f2a583a8a1a7f3429cbb605532fea968f23c1ef585d3cab3b73

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6d29ec2081ced7fa85dbffd71e28a686

    SHA1

    9258623fb02f490f44d739a234535ed6558010e2

    SHA256

    7134fbc76c115fcb855c617a93ef55317a87ecc84feb330924464760edc7267b

    SHA512

    4718b6ead6a922df5e968db35c845374fc14131a20c43c69c1fe911a2a9ef2ca9316df62dcc562f640be787e289f63224b988eb030224558093ebcdfd86c5a55

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab34BA.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar35E9.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit