Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

5fb1990ac0...8.html

windows7-x64

6

5fb1990ac0...8.html

windows10-2004-x64

6

Analysis

  • max time kernel
    133s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    20/07/2024, 08:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5fb1990ac06ae9cea7f933114dd3b3aa_JaffaCakes118.html

  • Size

    82KB

  • MD5

    5fb1990ac06ae9cea7f933114dd3b3aa

  • SHA1

    e946847b5d4c12cb7195f56b149a101e4110dd13

  • SHA256

    4108d69ff0775a9a35cca65024ca138b8a337a32c7526a7f4e5c9c4bcd04d62a

  • SHA512

    390c5ff365a359554691246cc6c68d5db1f5906ed9bb1912e3df7d4bfa249caebb46447a5b533e970b6428d69e76149808f70c76583cc5cad9f9cdfa2803f09d

  • SSDEEP

    1536:3WVOZOUYf43XhNSOYgEQHKw20lDgvz/jIeILOrao+Y+uVP5vZ0NEZ:fOUI43xN5EQHKwKvz/jIeILOraoZ+uvf

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\5fb1990ac06ae9cea7f933114dd3b3aa_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2856
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2856 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2608

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6b878623e19dce532330be42eab1caad

    SHA1

    9c5ae5e16934ab3ad0c39796dae3896e6a3c8637

    SHA256

    dd0c4a8319df28eefc70f8c4ae3a1de0bd3569966520ff16ccbecd9906cd0ab8

    SHA512

    2346466ce75868c3c99b766f358f9ea2c9bd8d54009aa4dfdc89c89616a24c329bc26f8597e3aa0dc1cb863118ffd2693df6aef3ee7ed31757f5ab54363aa528

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8c33c0fdada408a2a7b97be01c5c363f

    SHA1

    9870548c6550529bbfab0130c6b196fb366ee132

    SHA256

    90a945e49940bc261cb5202bf16328347362e045365d962a6eb5b83c6d72d3ca

    SHA512

    0d117224525c3d124c0c67897491665e0bee4533252f2bbca8c29b7cae646db9d4b3a5e6bb5b65efce015a09eb1ba224ee8e62a5fb6bb48785db9d5ae38d9233

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    548c2d87d4b9d14c1d0ca84480aa9d1a

    SHA1

    76598dbd99c59fd01bb6f50e91ff88a85b8e925a

    SHA256

    03dcb3abc67e6ffe01f4e62faddc40486d66aa47b78dae44964ab8e380451164

    SHA512

    48318724a304500fa47ee2e0d04940c4a1f6eb56e61bb31b50b5b51748bc846d6227f3650f73376f41d020d3889db06401923ec0b8dd2768d029c22858768fc8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    81961afaabd1a49df46b48650597845d

    SHA1

    55bca87cfcf9e96761a6a397d59561cee409bc2f

    SHA256

    17be7a573c096c2458fdf92fa71c974a253ebab80aa28325b3f6a06ae0144eda

    SHA512

    99fba5b5dd3baddc69fd0c5bc220e33080e7886fdb5b40272294fe0f583f1a2db8499ac5a691e5135c8e93f56e204eab48acd378be8bd0cbeb8a4c12849d313f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    04cb19081aa49e8b5484e0fd13c0283e

    SHA1

    47d02625f18035e94a284f826548834012893c7c

    SHA256

    f5d803dcdbd5dd0252194d877212b0e25c322995ac38e2d79ee9db3fb7b71146

    SHA512

    6866e9dd521c25e23b9e7f6943e09d61dee6859eb0dcbcf5cfb1d3eb857bccadcfe782293f3a44873ad246880a60cab5d6a12d903fee5b13a6fb65e4bb26eeba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b797f72bf09d468b0a7e1c85d156ee96

    SHA1

    3386d7f4aad0148a26d9e96cfc5a81f26f1f2168

    SHA256

    2c40b58beab7e4e1a9de5f645ca3310376d8f0260ea7504a7d35e587e381ee1b

    SHA512

    c847ae0b321166a093488865d4e3c92867e3b5b84a40d71ec62b20938f8b3adf2215e717a775a9705db25a90de8ff84ad91a981d1f85b2f2f9acd4dd338cbcc7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0850b3851d9fab81019b866878c9c5db

    SHA1

    c7651b72cb96b34cb65f8ce3339a499199109ed9

    SHA256

    155528d92d4afe8387d517af1f73464c7ba41729c6964c8ddbb197cf208f9af4

    SHA512

    c0956f49968cda31f362a026b38315bfceb7d1d4638d491a52d7a4fcc1351e3a763f23f0dc9b73bfb0c2f7deab11eff2c74c61f34f794cd44125a4d676296051

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    95620bf02d73dd54ce8a520b51de95ff

    SHA1

    c687d29314ebade4a8e785f98ea2523aa549041b

    SHA256

    0245250bb73939855c287f385cbfab45ba55d7e39d6e781b542bca2f219110a0

    SHA512

    1d4be7c2abd0430231b806ee8d35aa5c2efabba4f745ceced92e3fc724cac9ed8e0f88d078af6324bbd98aa7d5b86c84ddb8d6fcdd11876b911a4f96f606c045

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dc60ad3415b19c80dabc19fc8f847d7e

    SHA1

    9c7a72d7c5c72027f10afe149259207c16134c88

    SHA256

    fe8f343a0f3927c0a33a9b8abb7d956404a283ed3bc6e155614df1179e7ff104

    SHA512

    04b29a2e638c9ba70fd8d3089405ad648561363c87b83bd472bc4057cf71cd752e6898c248ad68b93563afd35bcbefdd32ca94a419a0003df8373c2fd950cd14

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    db3601a96b408369969dad9a8d3372b1

    SHA1

    f8d725f1df105c19121ad980a12c894ffbf6dc65

    SHA256

    cdb75d844cfeab2df356e71c80c439567fb597fe72e8308ec38e05eed3787d05

    SHA512

    19b67651520c60a7b30c5988f8d7b1b278386d9c62a738618b9c13d382c154caabade0e3380735c88da659467d7bb8f97aaed4851545ca714d1ced034d558da1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    81ce3d68b20a333aab8e698333f62d9c

    SHA1

    0bdca08941550f9234c5cee676e5b7912e5869fa

    SHA256

    01bd47696f230267affb0e2a239873988ddfa10718ffa3039a11cbebad455778

    SHA512

    06715a2cf743f41b6f120e90b8ac096224833d5092a6f8700135db3ad1432fb66f16b9dd8dce132e5d4f9769d11ac8b79789f47a053bb0a6a409fdb32e33e452

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da742753352a23fdb31b60218f60a006

    SHA1

    2e8b39bf564b98399ebf9dc450221e6ecdc1a6b7

    SHA256

    d52446b1d5c0c175baca8eb809153986065bdc1dfdf3766f1fda5ae0069c4b35

    SHA512

    36c49fe777f1b73e406138ee83d6889bd2bb846f9b16ac527e9ded02a3f5029524651ffa3b5bb9f8bc5edba5a163a237b35de350664ef3ceb21b9531c185bf2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a109e63957c662843ffef371dfaeeff2

    SHA1

    d355a350ae614394a7caf8f471cdd4ef0af31497

    SHA256

    9c220a8bfe5bd8c331eae7782988b80653e9d59a06e42292a4ad1cf3fe77bd92

    SHA512

    36b1c5c4a8f6e4c5e52b9ee646498203a230e2ec6f5aa4f234eed8cfe493ee1a2fce72c7323002e2972fe6ba4c246c68f17bfbfcf9e9dfe023b0711c675618ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7cc086bdc8453e1ca55c745583a70198

    SHA1

    97de5d077a16db66bae6b3b0cd3449d27eeada89

    SHA256

    019d8da31a70dcefbc6f2dcdb953ac77581e94ce0660f5e7a2ca6c3608d2c679

    SHA512

    56a9bdb450ccb73ee9d1e67a90e0ddda3f0234a390ad2269856125f15c2988725e565c0d130034a253e1f59560faf6ea9a4556b8a13688e8808f5e57fdcd85ed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6XUZ2JLF\plusone[1].js
    Filesize

    55KB

    MD5

    15a42f20a492648f7c1595ea6bc99244

    SHA1

    50f3505e5459985af041ec26a6b412cfc2dc1cb5

    SHA256

    03998e7490f0e8f7d8490dc68ee8020101ddb4e8418567dbaa93426d15b721cb

    SHA512

    e5f256c59f1d22526b3610789a178ad06a2cab4a9c6c4238f72f67bd49c416540d5af74bc651c39ed2ec2558d1391ef77c30e68f9de73d0d07f34f5fe234af55

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WHDSWW5V\8[2].htm
    Filesize

    251B

    MD5

    13d4e6ef14c144a5732c8a16f07d3ce5

    SHA1

    2ff71998fe3f628f0e23ee13accaa7d4da661d05

    SHA256

    d82245c9619e575516401968aebeb93342e781e1a36fdd034a5359ef74e0de25

    SHA512

    dd4c4a8e9b52c5a01535a02ec174b18e19dc35ef90012ae8a87307480e3c1f192c533b2615e7ce2b86e1cf2bc82907ec18789252961952410948923b70b8fc8f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WHDSWW5V\BidVertiser[1].htm
    Filesize

    87B

    MD5

    6c60754af27389e2778b3584bf10f3a1

    SHA1

    196be0cdc74708ee01c01f86a648c16573e18fc6

    SHA256

    ff2485a3dc35082ae7e3799388665929ffd72227191bf24b7c01033bfe19ddd9

    SHA512

    36724f44d31c798e9c641567f282807f4cb357dc7ed4a9ef8ba633d8c2f14477dac67f4afb3f1f131dd16489d615114486eddc2cc34eff9e0d3b3cc443fa464f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6BB0.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6C5F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit