Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

8c41b791fd...8.html

windows7-x64

3

8c41b791fd...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    69s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    11/08/2024, 22:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8c41b791fdd6e96c32b52786f4e71b5d_JaffaCakes118.html

  • Size

    12KB

  • MD5

    8c41b791fdd6e96c32b52786f4e71b5d

  • SHA1

    062d1e2407b9008946d3cd59de3586b85cb56a8b

  • SHA256

    90aa68fd8b08296faa4e43357897331b7e7720f824ff55694069b649e7076635

  • SHA512

    e33b40c0e9111e9ad33e8eecb6b37e8cab67c2dd97683c47421bdfd92da5530e67583d0cd7670f6c8580b9ec829c475edd8dbd29ab71a19b4f42cc4694d7160c

  • SSDEEP

    192:xEuHeaRN6qeXJatr886rPuxjOE/hj2nFelBDbmoV/i4d43KLeO2i9V:WuHt5eXJat4rPYjOUjVV/i8be6

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8c41b791fdd6e96c32b52786f4e71b5d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2716
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2716 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2724

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    052cced5ccb176b460a296bdfe65fa8f

    SHA1

    fbcdb9f8a125065b23de971634203a4048e74178

    SHA256

    4f456dc4e5feb36cb7c1fc795733b7ef72b64a39e009828c7c738843ed53ff35

    SHA512

    2393eff23e7c40f76f75b9cca58ce2c1a9189ec74cd500ca18f5adcdffae88ec260e9694378a96cbc7a70accdd0332cee8f2393bbe5471d9b8dba06cf2300d64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f0f0f663db30187761dc6b21134069de

    SHA1

    bf2df59bbe3a934d321a1549ba43fc0d692d5097

    SHA256

    6002aa08163544afd90d7e5a9da9e4a20ed05ab6120e89939f307a39a7f807e5

    SHA512

    a7a6a7679e8bf2e12c817c7a3a2c48fe0eeffb19be1a25cf436481ea5bf7c7bdde721008956e966fde30907eeb1df054bbdbcb2e485e42c6c8b3450366d575ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0145f6235853de34bf941cd06d2b931f

    SHA1

    21d7246be9bede407dfc5110b78ec949664d08f0

    SHA256

    308771532fb559b0026c6898d4512207e3e8673882e637aa0ae356d963369dcb

    SHA512

    11c9ec0b0762ae395d82a5e2a946b08ce4272e013aba21fad27e20de219133910f39c509d0b7086c119386ad3c41399d4065dad4fb0d7dce597c64f214f56395

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b761ea82be41b922bdaa9e1a3cd4de4

    SHA1

    73d7353b4a8bdac6502e88fd0c990e84690b2591

    SHA256

    a364eee05c667549c8a32b51ae6807822f5c5fd41d9a6a5fe183f1972f116ac8

    SHA512

    fc0c3b263b69c33a2db10602bde5e926e2be24b069f80ffcedbfe5cb121c23d622720c7148313f84a25b2056138b5a2efef7bba7fe384a44488d0904ac2bf898

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3583f9075ebefa31312febcbaef19f86

    SHA1

    aee736b9c74dceff005ec55fd4ed2b99e9fb7362

    SHA256

    5808f798427cf5ceaadf14d84322a580a92ecafba72c0e623ff31cc9662683de

    SHA512

    662c8948e1e3b9c7681836b8abe0043778d073e326018fa8565e309dd8f573fe4e635b2cf1d5e9881f4d69b3a03024a0311b80b69ed30664248d5af7acac918d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a5d73e1ac6917a82883d77ed0cfdf560

    SHA1

    3f3de3dec259ff772ce6b98317ee81f839df0cdf

    SHA256

    894a300d9e38bbec8c86f53986b5f504b132a432d086fd855e97f15fea01793b

    SHA512

    f8260f68b139387238f510be9fd7f05f22cc5219c103c9d89cc5e3cc3cebab8b28895d3a073d2e142a991338478b4a51bdc204c17e2ff194906bf9135ab2ce54

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6697671328ef18b90cd6337bee20c26d

    SHA1

    35fd8b6ae4043b9b79526da83f572ec6dff994cd

    SHA256

    adf910fe013eb6af9f69774a86943a87ceb104e85753c22d6b585e0494ae4121

    SHA512

    56a0f01b7a52af47328c80b30301a5cec784b36f7c54b770f23263036830d5af49d2b8e1618c2a25c59b25896ee0198daa70b89394f07f7e85731e6ba7e66335

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9db1f6886d924c5bd66cce5c6fd52d28

    SHA1

    653ba499b47391572c7f5a66ae96426665979201

    SHA256

    6063953aba7ebb1e6e51b1ce123e8db41f8ac3ec4da3ea7679241ef4bd6f6fc7

    SHA512

    62592926c4a022456fc10eeb56648635c3dd0a74825c57f03605e6885c4b453e115e714e021d9937648d616e5a037f82656cb0604ee2765045b25b6054e95371

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ff0f3eb9da300bdc08a6f296f5d31fba

    SHA1

    e8d201095d32b23b3f19f7610343d144c98a5121

    SHA256

    08c44b0badadb086bebb229e00f5a3e11b54f102a4320e05b2cd7dd656d8dfe9

    SHA512

    eb9c1f920852d4700b201fee43602d39ed5c05973817b8a209e570763f4318671f91ac1ddbdced9e6cc8317784f2cc2147cdd54d64db9b06cfb289d42a2868cc

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab699F.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6A1F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit