Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

0a1460570a...8.html

windows7-x64

10

0a1460570a...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    24/06/2024, 18:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0a1460570a3f654d07caa2b7b598273e_JaffaCakes118.html

  • Size

    126KB

  • MD5

    0a1460570a3f654d07caa2b7b598273e

  • SHA1

    059000395799285ea3930121161bdc25329da829

  • SHA256

    47ac5e5d2ac309063d2db4e57962ef55bf52f2b29769011de17b896f5ac1d8f2

  • SHA512

    cbc4d64e4b8202dbb7e3609c6fd17fa84299b968322ae231ba95293cdcee0c1c2d5ebcae0be4680acb2f4a086baa789bc3b95579993149aad45b3d7be7b16318

  • SSDEEP

    1536:SIdgNZ6yLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusBTOy9w:ScgX6yfkMY+BES09JXAnyrZalI+YQ

Score
10/10
ramnitbankerspywarestealertrojanupxworm

Malware Config

Signatures

  • Ramnit

    Ramnit is a versatile family that holds viruses, worms, and Trojans.

    trojanspywarestealerwormbankerramnit
  • Executes dropped EXE 2 IoCs
  • Loads dropped DLL 2 IoCs
  • UPX packed file 6 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in Program Files directory 3 IoCs
  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs
  • Suspicious use of WriteProcessMemory 20 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0a1460570a3f654d07caa2b7b598273e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2160
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2160 CREDAT:275457 /prefetch:2
      2⤵
      • Loads dropped DLL
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2164
      • C:\Users\Admin\AppData\Local\Temp\svchost.exe
        "C:\Users\Admin\AppData\Local\Temp\svchost.exe"
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        • Drops file in Program Files directory
        • Suspicious use of WriteProcessMemory
        PID:2592
        • C:\Program Files (x86)\Microsoft\DesktopLayer.exe
          "C:\Program Files (x86)\Microsoft\DesktopLayer.exe"
          4⤵
          • Executes dropped EXE
          • Suspicious behavior: EnumeratesProcesses
          • Suspicious use of WriteProcessMemory
          PID:1328
          • C:\Program Files\Internet Explorer\iexplore.exe
            "C:\Program Files\Internet Explorer\iexplore.exe"
            5⤵
              PID:316
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2160 CREDAT:209935 /prefetch:2
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2760

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      9044f4091d1ddd843d4a8d7c86c8f34d

      SHA1

      7960d11e35854d5acd526746b76a107eb3d4fd09

      SHA256

      c096bf1f8b263f8021b9e0a4a2159433601b739c9c326286857b13d5a68b90f5

      SHA512

      61765325159f0ff819e7f749ac232a40e19efa42bba24b907d0498b6524acbca792c75b14de3a6a1ca346f2578f5479d8b90eb67547ed755e0c2291ae285810c

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      d8dfbb5d1dae31034c3dd00d33aa7714

      SHA1

      76cb2cda7aa3972e52b6b59ba1eae2095c86efff

      SHA256

      38d6adad996aa09b55d0541237e17920389f81c7973f42604c3cd0189f381a96

      SHA512

      2077470c4d42ab6298f97935a9541c64165680566a5f91a2d71f0093fea99aac430970286df407584ae7f3bc05b1d39fafb8476b212e31b699b8a619b01c5229

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      0d61241bd7c29254c3b5669a90807e65

      SHA1

      42690e5d17b4b668fc57aa5d000c9939c3c576f1

      SHA256

      0e420f2f3dcbf981c07e1e8c5088378aeb6e15bb22ff1d258f6267960af79a65

      SHA512

      ea8097da9c80ad326a06a649968dd9ebd5c51225e3af9862475ef8c83348fb6bf572bb5b47cbe0674ba1f9494cfd994b65010205785fa04f887a894bcd269009

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      ceb126abd7db084804395e6fcdd70cbb

      SHA1

      97343e6b2739b6a21bab462a6a15be9ed230987c

      SHA256

      7ea71166df1c692ed289307c113c8e87f391c741f24cd74b422bc28dd32041dd

      SHA512

      c2b9df39d5c4c5b4e06c28acb5d02a17dba017ecba5ff4dba9f53da867f73a31a3b585cd7b5e5183faebb81feddfbb1f4f9a3a149c923068d8629f580494d407

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      75728dce176f067de485b5353f027f09

      SHA1

      9adb5ec56779b7787b6ef6e037701241b2d08b9d

      SHA256

      947c7dcb7da56d313ef9558fd2edfcfec3e78ac9d4200c8d88d9f1454628ce5b

      SHA512

      67c20ab16085c4d5d43650bad50ba499816488aa1fbbcb27463c796d9d6606ede324beef59cf2f26af08717037847c2272db71945096ed4f22c7cd6914206319

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      4274692b271e6b7da9907ef902fb70e8

      SHA1

      f1d39afe27f36c82f85f59cfb1972e60eb1f01b4

      SHA256

      c88c82da875182319f1a92c0cd32d041622454dd6b9e64107ad9385d9d27065e

      SHA512

      663a5393db8d39b0f3ab6c665fcbae85d2462a9a8612a59ba4d64413f4770b35b2419d2202a5c113d06a224c8fe1bc3410d3aae71770cc4ca7b83e8e37bcacba

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      28019af363ce6ac6141afa74600aa48c

      SHA1

      ac5d39c59469eee00247dd303a3efdeb1408409e

      SHA256

      65e15b4936795531940df510ca5612b23945cff9bb83eb8212b7e2c4d9feb1e5

      SHA512

      55366723e409812ce3ac926b471c65a52653c1b1d28e6218a7847ce99632e6c33938a4b9955726e126730243937817363e6d5c6a53cdaae80dbcbea87b52a6c8

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      1f38d7cfc7d51dce65a67a59106f7afe

      SHA1

      3a4cc278b8cac16af64ea8cb1da3476bdc0a1d88

      SHA256

      c972d1e17ca6f5dd547ab5e8284252840fedb2ba6b63ab044abf110869ee8a54

      SHA512

      cc378973d029b3c2c175bea2c73619412a0e505047bf33fb4fe19bc01387c7a55e1f4083b69d3db60daaac98baed12f3a6b1588e8509e207dbd40694a9a67079

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      803f4f3c8cb8d37bd99a736fc32e51dd

      SHA1

      dac7012d4bf4b8dc3ea6986868e6cbaa13a86781

      SHA256

      8fdbb8e37f69d91298cdfadbefa60816502c5d9964a591802a9dc3985d7b641e

      SHA512

      c94956d207b68bd148c64fb5bbe58c96393d9074df11d5c73a546aa32666a0cc85bc32afdd87157f46179dc08f8d15e4b54f46c51f1146903ab1d03633641608

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      72d9926c8f8583b1558bdbde1c922bab

      SHA1

      898ea2e9acd4e11d0b59046103ca7337460609f0

      SHA256

      60e339e31571378f6afcc56d20a0ce51b7bc189b0fccfd1faa7a94b4bd91afe0

      SHA512

      562e62a3e2d110c7adee51d0df1340a5d23e2cca185e5f6cbd2b8a50d6c6ae5d77882bc34fa0854bafdebb878b6bae8b8c492aadeacdbbec7ee23a62d3cce074

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      670a2eafbd4cda75beab5955d9c79ea3

      SHA1

      39a79425708089d49cb8732bde8af824628e49d4

      SHA256

      e938d868d039f59e8fda8a8a9a2c5f23a6d81237c2e93cd211f879fc39e106e4

      SHA512

      a24f5d0f48c462da490a74dafd93e137a49da435890fea1bb151fea617a4f548f2c9de447110c6ba9d5b364ff950e5f24b7cd4a1bcec419e695a2b823c5cb7cb

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      9f9324d94e225d680079a128135ab769

      SHA1

      e8ad3baa1655dbade5f7b4645e4f386733e40ab2

      SHA256

      b53a4afd1c5883419955d2fe198803a3f0b2d61c936bb2e9476901560219020d

      SHA512

      72c215650aa3adeeab1e66bde63451d6417be5095db855ccd4443e5a6449e65578ee8f8c4b7e6bdb9dcd976894e930e2e14df45530be0ee68a293c545de5c736

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      39574d2289b82015616af296692af58a

      SHA1

      a525add686167ba876107f71b582dd9b19ed30d5

      SHA256

      8f57b14708e8a3511fd7fd8b661dd7373d1b8a757297aa523ff5d0c5bd52e324

      SHA512

      3a34489ac282d9bc21d90a4efb56544b18b763f08284512989acdd8c690748d0ec52942b40f787a1f94b0dd5d97abb05ac0b41e2758ce0f0dc848d59a8932835

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      965ddaa4b8d298586516ec5b2ed174b1

      SHA1

      a50947aca426001c7ab267c5807dac1c91e6b175

      SHA256

      6e2cabd0f3991b52bc1eb036ee53a0a480f0edc160e825edcca066d1a1fa9c76

      SHA512

      715b1c6dea65d2da861c0afea933eaff56ac2bdf6562bf1ce62cbb19f1331e10da54a622c756dbac306deaff34415a10d7d0928cd2d794e0517d9471cfa2248f

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      4593f791c9151fed06487e008c68fba8

      SHA1

      d3f994f9b37254cd3fd81aecb7bc71160a2692f4

      SHA256

      73cc2f7cb09a5874c582a5b6a911e37e85994eac743bfa2b148ab0065156df17

      SHA512

      f063266004ca3a85c5a3b8682be63761a4d82b5c8f896710ce659c6351c5f9dee23bf58336e119fe0bdcecc09565fd9264b360ee08deab3f4b92c8bf5f6bb53a

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      69426e3a5af661c67c78c57d5c0cea43

      SHA1

      1a84f0c80f86355dd8998be54537543659b8240c

      SHA256

      a394c023ce67fe08351c694dd58202e510ae3a1d782488c194b62158ae20eb8e

      SHA512

      79d7e664679aef98d2cb79436d74eae62b459ac3b44803f2d2a7d8d37453a43f5c407887c9264f1524fbf0d65e250c2328dc7a4bd2d0a65dabce8e682533ffd3

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      f5a0c5490f7756360c265659448aea7e

      SHA1

      63cdeeb57971805485b4f9abbdb888fb3c3b8f93

      SHA256

      9d7d5a1f7ad0fce948820eeb25f4f5886d96a96f3bb21bab5d8ce2daadfc97a1

      SHA512

      a75b64c7c15538786bcfdfb425bed3982a4d06ffb1def6668ebae00a480a65552c5629ba8983a6fe0fc47d93d4d546de1a59175a1a75bb39107218222f7f419b

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      1d3663cbb948be91e9ea3320275d5ef6

      SHA1

      45b9c5834dd52b5213120ece32db65a41ebb14ea

      SHA256

      f6d0e417e3ac37ee13fef05bf0c02890c8aaff36474a1c42acd4a97bd1709006

      SHA512

      23bc1567f880814c2aec109b80364fec92baf5c00a44b8b6c4dccad0833cf52a9fa29c00a90a055d09bc9dcb7dd52bf71e740339999d71273b4d4a794a89433a

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      dff36faf47bbc973811bf775437a0bae

      SHA1

      21f0004a4d7ab33d28fc5f75aaa6ae8e5c87d162

      SHA256

      b12a1ef783c5e58f19ebfaf51d5932df9723cc404731c63813e0eb98e3233297

      SHA512

      8294138c8c9157db802d0053a637936d7edb815ed4a51a2f04b6753d1d253d95b0f217a0b23bbe77e59c51d974c41295149d9639c73e5c9e5d33a33e4a229cba

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\CabCD4F.tmp
      Filesize

      70KB

      MD5

      49aebf8cbd62d92ac215b2923fb1b9f5

      SHA1

      1723be06719828dda65ad804298d0431f6aff976

      SHA256

      b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

      SHA512

      bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\TarCDFF.tmp
      Filesize

      181KB

      MD5

      4ea6026cf93ec6338144661bf1202cd1

      SHA1

      a1dec9044f750ad887935a01430bf49322fbdcb7

      SHA256

      8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

      SHA512

      6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

      Download Submit

    • \Users\Admin\AppData\Local\Temp\svchost.exe
      Filesize

      55KB

      MD5

      ff5e1f27193ce51eec318714ef038bef

      SHA1

      b4fa74a6f4dab3a7ba702b6c8c129f889db32ca6

      SHA256

      fd6c69c345f1e32924f0a5bb7393e191b393a78d58e2c6413b03ced7482f2320

      SHA512

      c9d654ead35f40eea484a3dc5b5d0a44294b9e7b41a9bacdafdd463d3de9daa2a43237a5f113f6a9c8ea5e1366823fd3d83da18cd8197aa69a55e9f345512a7a

      Download Submit

    • memory/1328-19-0x0000000000240000-0x0000000000241000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1328-16-0x0000000000400000-0x000000000042E000-memory.dmp

      Filesize

      184KB

      Download

    • memory/1328-21-0x0000000000400000-0x000000000042E000-memory.dmp

      Filesize

      184KB

      Download

    • memory/1328-20-0x0000000000400000-0x000000000042E000-memory.dmp

      Filesize

      184KB

      Download

    • memory/1328-18-0x0000000000400000-0x000000000042E000-memory.dmp

      Filesize

      184KB

      Download

    • memory/2592-9-0x0000000000230000-0x000000000023F000-memory.dmp

      Filesize

      60KB

      Download

    • memory/2592-7-0x0000000000400000-0x000000000042E000-memory.dmp

      Filesize

      184KB

      Download

    • memory/2592-14-0x00000000002E0000-0x000000000030E000-memory.dmp

      Filesize

      184KB

      Download