Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

02eb20f6c5...8.html

windows7-x64

3

02eb20f6c5...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    27/07/2024, 23:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    02eb20f6c57411722d6f70faf2339740_JaffaCakes118.html

  • Size

    296KB

  • MD5

    02eb20f6c57411722d6f70faf2339740

  • SHA1

    39012eb627990cd3ae067ebcbf1bfa3dae7c6fd7

  • SHA256

    d9bdcd99c5332ae3a3914178af6729b7b9d8a7c90c64f234aa1863be777c3ad1

  • SHA512

    c3a7aa188f9868b5031d461019e40c40180edf1a52867e9a0febff8df9c46e43e001341a709dba4e5952c30ff2993609038524aa052cc6a463fd3175f244b859

  • SSDEEP

    1536:ND+SbTTF1SjTmFNkltM/jVII3IbIre03zHmN6oZkJLnvioIinOu3G9dE6AwBCCbR:J+SbTTFJFItCVI2i3CctiTCH

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\02eb20f6c57411722d6f70faf2339740_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3008
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3008 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2368

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d65dfe1054643f3a05e41635eec6c9bc

    SHA1

    9c19523f121de15732833c4a62b9d12df4e6b1d2

    SHA256

    9efaeef31d6f7f2b9fbcd98864c556ae2a7428bb880727f49ee37503c9216092

    SHA512

    52cfa1528e4ffc1f3dbfd92059969950ce1a4c8504435bf32585f196fa65a7d916f59c2ea1e83663e0b3e816716c9a71828abaf43f10bebf4dbf7ed610e4f010

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    787af834740c71c0157b8492af6bf672

    SHA1

    b3e8c48dc9a7e76e3c59e89a9c2a8387448308ad

    SHA256

    c4c63b00f8b8fd657aab75723a821bd7a24d2dd61e7e147a59bb867c3544ee5d

    SHA512

    5861d376cbc3aba91607bb9d792fc502e5bde66c3cbc2ef8c198e316879366d879d53c8b8b551d48cf23ee43238c810b6d6ab250b6ff7e0401fa6c0f379f7f0e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    219fca0e828b5a8c2234bfec5df63cb7

    SHA1

    f5733d30cc13516acb8b8f84d94a0cf2429bfecb

    SHA256

    7667c45adb656a27ed5ae2e6cbac00507921267900be49ded0b6e60e12c1ab0a

    SHA512

    4330794adb15e4be01f3b5ff8285a84e285eab98c26c2284e1f89e49f201567f9d891e4ab2a57b86542a6566076bf988711613674263d16810fe12150260fa73

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9ea2d7fc68c16421a882e88fa0004df7

    SHA1

    cacc038dfcc205a27e776f9f1db3062ba893731e

    SHA256

    3537841d7e185b1480e7b6aa97e552cd6003196207706e1755600f0ba5665934

    SHA512

    b7b02559c57bcbd2b5dca121c731463fb5f65200ffc27c60e6cc092b912df4d256d98e7ce22aad1f3378f171eafbcc99596732843bbf8fe767fbcb82a132815c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0340ae698770a359329774682995cba6

    SHA1

    58d68b23750e1512f63d1fce9c881b698eaebdc1

    SHA256

    f4634cf695e05cc39071bf2e9c63f8c3ff9f438e2e49dc38d9003e932f377a7a

    SHA512

    4dfe63de113792f29e765e47b73a40e8fe529348d6b23f4769f11d5c7de728eef1351daaec73c96281d6a976abf242d5f727e1418d222bca3e43a447d150b61d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7bdd9a719bf3600fc4e0fcfe8fbb9381

    SHA1

    77c06b74768f442cd294862ada0eb4bf612389b6

    SHA256

    f54e2871aa8515d5cb5b4735502515dcbe4ae062556b444dd0859cfa95e983da

    SHA512

    c0923def162fed8d5bc2fc1d94687a5ac94b383d0e3c1113b40f3b929c564d14b15ca1a2a57ea2d78834862eb60e94b4ddc36447a7deacd4482e72f0283cdcea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d0e6f36447a2f2520f8fada599e06af8

    SHA1

    c681d92fd713ce856e1600ff4f98a21a10a0f327

    SHA256

    bd5dee4fb015bc3f469dc52a102b4af9c668968619caabdb16442a6c5c3156aa

    SHA512

    430bacd33af77c39c75c84783af0522cfdef439e84a99df2b812de1c319de7959f334422adaf1e8d355d52993e6d7dcd78770cef672012b571f7fd086a79a65f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a39028d681103d2abab18ee9b083f252

    SHA1

    abbc8e89c50ce3c3820a1a1ec7eddea06f92ea7a

    SHA256

    5e927c2079748a813428a6502fb4c6accbe68fa62ef97c1ed19eedbbdd25672f

    SHA512

    216f5935520db1f4945e701aaf735a14f59ff1a46a15feceac1d9f9983f34f41e983283b8494747140cce8418deb4d3d3a2938bf9cd0909e69c5b05d8e917af7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7d5627419a5814fa404cec0b4e728e16

    SHA1

    d093c7daa18391a5d6cbba533b41b16918d5f6af

    SHA256

    3c47cd5e8f46efbb21ee8adfe1ac13333fe80a629ec9f5cd8c504a1fc98d7374

    SHA512

    cc9b514ee55a42929622899a592c6105609dd15677ea8dad62afa7b453471606abc0ca5c40cd4d87d8a8c620d27883dba0921fedb1b426500fc1340c348abfee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c2e613c5e5affd34f96e1b4ec06e98f2

    SHA1

    054efb1e4ba3c3a947a0774f774c9ddaf4d3ce5e

    SHA256

    6e937be5fc8d6b48144296558df3c0f6eb79a9925e35a9dfe29444e25f62a7d8

    SHA512

    063ef8f9c4f9cbaa9ef13feb9715c349618ecadbd7c788ebb5204e015c8cb6a07548f681c2d4a2c9392edbedef6293822beec8f4de0d27bf12104728dda7c03e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a9be9c31963d87841e261234e27665f

    SHA1

    238199b320f599bd70d931d34c44288a0d3bf2cc

    SHA256

    7c9543abd43ee1a027776fd7f049f408b12d52b6392642bb923f6aab5b052b48

    SHA512

    2648bf4cd0f96e3815c77db5c6127d459e95d3c3b45c05a01c2204770c79161b4c2cc3e827ec2d67c11fcaeb5c07951290909764a680ae08ada9fadea637f7e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a8a43b186e6fc123fa1b10e0900dcc94

    SHA1

    8f2935a511e123272b7dee8f3668d1093c44c255

    SHA256

    db05a11ecd876d4a8cadd666fbeee70b78bb1ea916556afeff59938cc5c8cd34

    SHA512

    7d7a4bc67bf9b37bd263dce4d844e81e62ffe7ee13f4cb567547ae0786fc2396624d92a59a3c99f374faa14f56599d76dfcacf686d681bfedd92f38cce24b561

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2e19f21c49d69ba32d60730df5345089

    SHA1

    1dbb739315baf1444cb046baf3b3f0b8fb181771

    SHA256

    c1220389d09d7449dd5ebafd8778f54a5de8e5abceedffbf3d711301cfcca302

    SHA512

    a3b85caf870a30cb65ed5b3075ab1243b84dfac5f3a76394af0e3d235b74e328ed9e688502f9a6d97542b6fa7fc9cc334ae33c6bdbf586a885b93618bfb1f546

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9f43ed07313df04dd1adb1c98710587b

    SHA1

    88b74fd73b696007519bb300e8490ff15096c2fd

    SHA256

    db614cd5ce9b6c094ce39670ad12d4a869100e52644d08cff865efaaebfa3c4f

    SHA512

    51522720d3a7878b613d956320c886abc9372df9eca5dda69ece8f0cf011b922c737d401d83db6b3801341aff56be62d6a3730826000fa6ca678829b849d5c53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ff19fdbead72e97b70362cf0ca360af

    SHA1

    ed5f7ad8868832043d7f25ca06302fb7359fbb2c

    SHA256

    589ea5c08564f7a14ed6419602837ccfb04e1f80133f0b2fb0ba3443f20c9494

    SHA512

    328c554ee56e89b6947f07d49b0122794bfb8023e05bfcb3480ce6a41cec7995ac6440e4604be0aef89496548148c7adee24192798bd6ae8508119aeeec46162

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e0d719ae518e48041fc68ce656dde4a2

    SHA1

    2627f87b4e6160bd82b02a892cbac9bbd91cb040

    SHA256

    85dca9bc31bf5c1eff20472f47b22046554ea254acd3ad647ef00f3f939d9b15

    SHA512

    1b1ca2de705d33c6cb0139e2161dc4baddef9fd3d63169c07e0ae827767720a834662b7fa4144684b8a148cdafe03e202a32376f95c26a1358e466a4a4385024

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3cbad7e725aa8cf11f19dd6229f46679

    SHA1

    d01c05364de64df92c5b2abb5f377ad9deaed134

    SHA256

    107eed3f34d0f03d0a18197c45a03a61a9c6debe4355c6e3d6f72807d80467fe

    SHA512

    ceba1be25d93790c0c4bf3407e3877204d19d7f24e3a9c8dd18fa1f1e0c2a0148e242bca18ad6d9eae20d5e6f8c191ddcaeca39d87695510fc7ac084cc2681d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2bd8df1d9eef577a57eef34b698e2e2b

    SHA1

    3c91330a7fd2de3c0904a0a1c44fec85e3bdcd3c

    SHA256

    7be116e1fd256cf2751112692d7bc43a4d6e1c0622c4edbb90ae29e1113e83a9

    SHA512

    0b0298d1fc5d99fe7fc36e55083fcd875d66bbf0ad5ca0972ed4f3b2f5d3d851952ed8fad8f1e655886f91a235259f2748cbfbb9e33a2b0b22e34dcc00f800df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    61f64e35e6a7bfb6bdac66e49cda42b5

    SHA1

    e41fb4d88aa7ee42f8650049c4f40a810a2d4467

    SHA256

    2fb9832c8194637e3dd22198d1589555488f5649f9d792aff0b8c7d7740ba580

    SHA512

    374a892e021df09aa7fba691fd397644eb7f9e531e7f98ae9f09540572e9afaf1a670110170e84cab2251a8bead68b30072bb5f9f11477e93de422f9c4ec40c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    17afa09c6e9bde83a61105767c68a5a4

    SHA1

    caff1c8a2709be7b17e64dc19c80ecd9d00daa1a

    SHA256

    0c0cc2e30c0e84cb88b86a5ed2bd171bd2ff698f505fc3cad507bf166f22dfb9

    SHA512

    5b2cb43f3de47decdddf48a12e94e4ed4d0bc27c93d9c645c9b9311c5f427aff90c46927936c4a59af077f125fa4d8fcd7894426dd72c3bae8baf653729e2d21

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    09472c58e1c8ce06b401d92ad0560340

    SHA1

    f90f8a94deea2d6194ef2a0db5ebd90b25b73641

    SHA256

    a0395c1c59e7b8c43d37b0ee2f85ed1b63dd6de36e7c93d516c36822db12ddca

    SHA512

    003b17e35f980513b63cc940df69c65fdda26809893d6d0c3930d47512752ee89209bdffcd2cd6c7c9a96e2012101ccc809f8f64340d3fa8bf7e973b2be2cfd6

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GE5J41S2\cb=gapi[1].js
    Filesize

    67KB

    MD5

    b4b711f3e747704ffe02b49791ce8cac

    SHA1

    ac7ce4cbd3c8ee66e3c8d9d209c1352c160c3b89

    SHA256

    f65bf40e2f0ce993b54772f703f72d53f0fa925457346fa8ec2031879ffa91d1

    SHA512

    b738deba57337a9147927f7dd35eab7c999dea6d2ff11f57fdc2e5b6f64326028a54778886548ba128a3f03ee333cc9e43de5162d8b578b85c290626577042db

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GLOK2QLQ\rpc_shindig_random[1].js
    Filesize

    14KB

    MD5

    f03c96248811fb7bba5b92a7929fecaa

    SHA1

    7938e96aac5714d34a1ba76972f79d52b5f403aa

    SHA256

    dc138da7a3e8f2591ad7e46811e2681412705798dbc3baf5b08b953b6be7afe6

    SHA512

    568fcfd183f1d8c92c28257b9b0ab1e9ae35c445aebfd56de7dc4c45db129972f3ab4bdc6d58701e421bcb8a14e69a5fe77449c853cf49a612ba917fd0bd9fcb

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8I3CVQY\3636781319-postmessagerelay[1].js
    Filesize

    11KB

    MD5

    228da4ee667de7d4cc8382d5b94f9fd8

    SHA1

    292b62c41fb7f7771cb686e7f5cc7ca0d9b7a1d3

    SHA256

    8e99352e0cd0d72871f3f301d165edc14fa22f2aeaecfcd95c81bcf1f63cedc2

    SHA512

    0c9002ad86c7745064afc7d218f1b6f278b45a947c29dfd120bf9ffd3906e5a6e926cfaa5a07af9f2c26dd0f9b9e8c8d81fb35a959314547d54356e28f6f5ca5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab29E0.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2A8F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit