Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

03d9d6210f...8.html

windows7-x64

3

03d9d6210f...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    28/07/2024, 00:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    03d9d6210fb70fdfe0be113fc3720665_JaffaCakes118.html

  • Size

    41KB

  • MD5

    03d9d6210fb70fdfe0be113fc3720665

  • SHA1

    e3e9a5875ac489ea1d1982728c8014e8ceeb110f

  • SHA256

    9c583bce1d41769dd6090e13ae24888db0484af3d70b65aa1cd64d47556ab90f

  • SHA512

    f792cc72645a9daac54a14404ae4cdd5520c4c7fee87fc37dd63c5f622fea70e29337c2b6678f69e6c3b412f533f39e2025e68dfbece9d8d57d6529f1290bbb7

  • SSDEEP

    192:uWX7jb5ndaE8nQjxn5Q/FnQieYNnhnQOkEntrTnQTbnxnQqXC9AJEoZQhNqoJyfr:JQ/EeGQL4lg/m84qk60ViJCT1

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\03d9d6210fb70fdfe0be113fc3720665_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1244
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1244 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2388

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1871651bd2076a0ef7e3e0ba8ab93e41

    SHA1

    15f582ff9c9d6b1c1d6d432e6e36a7d27d718ca5

    SHA256

    14da437c2ab60bef57a976a649fffbddab02f0a30f6ae78ed451d4dd0c145365

    SHA512

    bd01db7185e0d6c96b8bd3011ebbfb1062c228fde0444af67ec5b1a8c23eace52facd22f7981788e19d3f575231d547ee67ee034b7d6693773bfc7ec96d8b6c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a67e64fcec2c0cc9d0e3e821449568c3

    SHA1

    f046f4aa133496e87051d9f5b40489c091478b9f

    SHA256

    8ff62a4c9594131d07534095c6d8ab39ac16d63366029714789301c0f47bee1b

    SHA512

    cdab12f92d24e5b5ac0fb520c4edfd203d35d9b96ba0a2f6a6c39cc22a12bab188a9202a602a7119599b13973e981f3df3145b6c0a0cbefff765f4d2a12801e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ff6243a9c7bbc54820ab7dfcc8bd970

    SHA1

    4f48f9aa2b7f5e032440d3b3e102145931233349

    SHA256

    985390e9348c5c142c8edb5d57cdff417b29cd7b879cc9a48a6de7f25b0e426f

    SHA512

    1049801d84541ee58aef81539db8413e865258acc0918278df4307c7a252c8d974baa250940ea39cdb09d4533f131cc409d71a7248078bdfbd394a17679ac885

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1b645410a252282891a290cd867d1f63

    SHA1

    0194491a9a6f0d248cf6bb10d3fba56d594c3d36

    SHA256

    692f646bdab57c3c91af286f7c7468997bc666d383f335d09004aa3237f02635

    SHA512

    7ed0cd51cf94c94dd586ad543782a577e7dbded64154828cfe82c1c60718c8101ff1d758f1d91df6659e558e4f2871fc28907694f266faf4d033001c4bb6664e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ed537b4a270680ead09793b3a50207a6

    SHA1

    002c59f66c9a8a422048c211f1250e02ddbfb4a2

    SHA256

    1e64561d036e0bd860b4e2c33625f669a470f3995aa08cc3f6fc18e4034442b2

    SHA512

    5582ed5534c8a8b41a0d9d66c5b7e800a20761c7c475db746ed4da3f2948129feadb5b065ac983b8fd213f4243470d1b3501fcb6ccf10023bcac27d362e9e8be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    80367c6a4a4fae70e722831b7b129d5e

    SHA1

    f7668a28015397690f2ab85fbe376d3d92d48293

    SHA256

    6c380ccfbe566faa32351e01193586fd7fa507130e66f4c0d44959b0ab8f80da

    SHA512

    086c41e2bdd2a27a2415375fbec84b3b791022280191c6837187c1fff1520f7da948af69d77f2c2f6131ae30d5a26a10dadd89ca132f30da3fad7010c8a0e6e0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    887d3fdbb64b0d107c04f3868364745c

    SHA1

    5971dad6154aa1ca6faf8f36ad84628bd8ed73ca

    SHA256

    086bcf73d8f1015f76b7f7e63ae2f949feecee8efb97f25e188cc8546a13a6c6

    SHA512

    efca89bdc62b6d337a65cc233ab65abb54dd7ebc3b88a565f98ae8d3065954174cc18854d60ed12af39ce107b969cb3a54299173c3b19007aa098d08974968d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0c7a39c85141367359f37bd93424eb75

    SHA1

    afb06a26b5229c90f7278a3300ba27c24a45d2a3

    SHA256

    0786c0bd8629d97844556db1aa59236ea46919a88eddcb992509d5c46c7f48bf

    SHA512

    da21a5f7451af8818f9f1ad6c31235a09bb65ef7616b4c3c7d92bc7d439e59e45dae3be28099147fec4e302ed013b7555a51f565c8a5f351909d03fbd0aa196c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d609708f2f7a1395ce0a74cae8fe7947

    SHA1

    8d70ef1d7b26240ed9861c638d4b0cc5eae87a73

    SHA256

    b5f3ed65efa240a0351fba6da3805944eb621e890cebd18fc3f1d6425590f042

    SHA512

    ed079a8d85254a8ab7745fbc1f98b626f46eebc7e5290e02b08597407e4e5f519cf0654cdb9a1eb3c9ac7b6a3a2de58cc46239743f51a3dde013be3414886857

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF400.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF462.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit