Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

7905ee49bf...8.html

windows7-x64

3

7905ee49bf...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    140s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    27/07/2024, 17:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7905ee49bfe7d5a34e7a63ad9207c0e5_JaffaCakes118.html

  • Size

    160KB

  • MD5

    7905ee49bfe7d5a34e7a63ad9207c0e5

  • SHA1

    f4f3354096f4beddbcda6d0c23754eab07ab8ee6

  • SHA256

    868cad87e482a21700982fc784bf79ff32340dccc9938fad9558d99fa5fe8565

  • SHA512

    8d1342a188f9647e920240eb88af704cc0a959fb072f8aed34ee79172609e13aafc0003d3e51deaf7839f33feef271df20529ce48741613ee63ecb7e2baa862e

  • SSDEEP

    1536:pbMjw2fMk1D3O9Pj2fcLfBHA5uCLQkST4cZnWCkCp:sGctLri

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7905ee49bfe7d5a34e7a63ad9207c0e5_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1464
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1464 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2180

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9add37302264effe2e30d4451ec5c09b

    SHA1

    c8a30f7c39b18c70b528ad42f7fa58d6d1544dd3

    SHA256

    257cc7866e3134e906e85d0ef04eaecf272955f2ccd0f53d2e65e7e46638a901

    SHA512

    b74d10b079cbedbe62275c760ffb6e4deeefe65bd37289e8246c882737fc855dbd786aae78a02150bf258bfc7ed6d7d512123febb61cf2a1e0396686e60ccac7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    76697041e600fc7b70ae1442f9c13505

    SHA1

    c9686039fedc9fe7368f28f1257a7b4dbe92d145

    SHA256

    6e6202edb91df6820212fb7ab2ebcece1c3d4e2fa128648f04bb71aa3f95e897

    SHA512

    3e8c0bec3f355a954e2591a56670a549d21ea1268de70daab564e02dba18eb837e8085bbe62d1e791c6e5c629cd244ff56265668f5b7ed919f4e54977f1f5038

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8d0ccd03b3446aeda8fbb4b6f265ca32

    SHA1

    11c21eb9f85b55d9ad8733887a67bf6e49673331

    SHA256

    e987def184bc61f953ae3944e7e57d71c7c442a7fbabc1f1a4b88a2c144b5b0d

    SHA512

    98bde93e66e059423f21b6e9975cc5d262932f973abe14426d512a0f122f0c913cb034a6a9df8b53fd75f02b6d51584464e95f4c333dac6340362a8e1585499e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2a713060d848ee76310b7140f429df81

    SHA1

    66fd324cc9d021bbd619b3a5c64665f4fd347a0f

    SHA256

    f5e672bc6ad6fe9a803a80ee244539f00edc69df712810ab8aa8eebbabd81aad

    SHA512

    6185ab9961fcd847a2027cf531eeec1d0a2307c96564266398c0728c4b2f4068b3965596cbaf8dcd325008d3659c753ffa3fd53441d8dbb14c7790c224a0a900

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    abd98bb8fcc9b793be8e0cf90d320338

    SHA1

    412e02310cf2ca01e4961a2d433df3a33728447b

    SHA256

    026026d914e3e18c4b7b7bad3bebcecc856d8e482d4b16648cb885b6eef6d898

    SHA512

    e4a8f110d2d9e1b654bd2de71a8b4f179ff4dc294952f47841a0d6d64f39137b5ded2655985cc73f21fdf22f2da4d6faef0108ac1a51ef0cc38dc25653f500f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    26f6562515186c13997a816b4b819eea

    SHA1

    032270407adf404a8dde6c808a8607547f998233

    SHA256

    61f40e810985f21aca189640b4cdca89f2c587b75e4ca80bef0f64750aa7c595

    SHA512

    e6bda10c0b5314262c70eefc9f4f97fe6d1ad6cdbc6ad9d8edaec457b4bb2d0841a936b5ac53de608c90953ec0e680d64a8aee35a34f70082e3f18dc83c6aee8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b21d004fc5b618f33c001ae697539eb9

    SHA1

    190dc20b1e1557aaf6285e6a31386a76633ca434

    SHA256

    79eff2b700524431466f8cb5a7204942fc26d2e738a4c09fa1a3af37abbfd58f

    SHA512

    b4c650658ce1e80035fd25a9d904039bb77c8fc9136e93238117b408c4bc51c473af1d7153a33ce52022fa0f10646f9ac71281d94eb3202c38a0bb2d6d130ec9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2db926ccf9d880fa04877fe19dcfd849

    SHA1

    1d8772d442f564adb9ba6356f0ae821baed468e3

    SHA256

    b0cc652d409dce58b96ac027a934a51baedf071056193328a8e301de6e1fdee8

    SHA512

    2318b73ce7acf2a36c98f72218a7ea0e2ff962f1bf857eeb2f1d8f7f889cf82efcbad4f4877d9275d363fe5195968dc9444f544d8b59ed091ae8345bafd77a8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a372069cec7bc194be6812f6d1e9322b

    SHA1

    1974e23f56c8b62ff7d21325db3452792b8a79b3

    SHA256

    15e5a5d48a0733c22c21035e50d2f11099d9aaa3db028ca1e19956eafab084c3

    SHA512

    6aaed77b8d7939f10647a6fc254ec53c36ca77f3ef8bc975f2261ec1e795dce0bdcf8fee56071e5e330e32f9f718426030f73ce65d26d6633e6692c3c933388f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7cfefbf431199eeeb5ac018305b28cc1

    SHA1

    1f11ceac6abaff0ef49ab9b5dc2fa320958a685a

    SHA256

    25c81f768834e1e2255f96c10f8af9d4264220b0c33204e45d3df10e4d15813a

    SHA512

    c74c1ed61758b61956f06b4e7062eb4596b4fcb60b77d2e974006059a8e874aa0b342fb5b891bdc4cbe3834f1dcbe9a251b4201a80975c512ab56da495b36cf3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fb71f25a4e1883f87ddaa76195d612b5

    SHA1

    543f330e7e6dacce9a5775df9281a5d9020a6573

    SHA256

    9d39b7607efb5b8a23e8c73354343568bdfd201b476c1f5da645ffd0a60490c1

    SHA512

    2133f1fa21072a314a3972bb0a3091ce35d8d1a5a8610ef427c2829c84c5a6ec7071aa3d8fef5dc4926427c6f1e3dd1dc8c27c2838fe24f066f8cfa448d4b858

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8317.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8387.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit