Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

8b5bace70b...8.html

windows7-x64

3

8b5bace70b...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    11/08/2024, 17:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8b5bace70bfcda74c04a06afa858214c_JaffaCakes118.html

  • Size

    78KB

  • MD5

    8b5bace70bfcda74c04a06afa858214c

  • SHA1

    77a884bdb2b2f71e88119049e891f3dfafd5bb01

  • SHA256

    30ee482d3e298d0ed5bfd0c32745c08e00b80f0c8b71add156519991e8876787

  • SHA512

    00709d16d065591581bb67c636990ac42fb8666c06ccfa30463ffb93a2110189841aed657ccd41843766524e55cf6752fbd198f84491a816672537d17403d51e

  • SSDEEP

    768:CXrNh7ye2sH/MXgyjCKocQwfuS/7GlIuKzNyGsaMWxS+unjmO:CXrNhybijB

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8b5bace70bfcda74c04a06afa858214c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:628
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:628 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:560

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b7301aafd718bfec4cf24aaea1e02682

    SHA1

    4e506e743e9352430496ec6b833408b671f4eca1

    SHA256

    89f37a9fab95f6c5510714c2ad8a6698cda3b0e385b840de44ad6b52d05229af

    SHA512

    e4df2e7ec4e3adbecd9094e3d615a8492c2302554eab8d3d7cdc13c9681e7d87e8fc587070008309728c8168c1ad5558122df65965500abeff705250035be764

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3859ccd50f69c78f056be5649448743e

    SHA1

    8555b7e563af537efea6efb2023f1c15eaa9c7ca

    SHA256

    0b06e712aa8ff766e9af2f85e44fef1b2190c12553f84a88923903b4426d872d

    SHA512

    0583c53a881c931082ed5dfb2f127c54a9a63353e4c737ff3ea94ad909254793c540f87bb5d8c7e5ff2333aecfa0d16b25ff3a7aa39a5a8e82d0ba5245583c61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    34a72fd16a541c1c2af1c1fb6868bc3e

    SHA1

    91771383ded0cfea82a80be6ab171b5c309d6f5f

    SHA256

    f0f5360c0e856ceb180f605965476705ffe3839d3ca4ed39da153d6fc3263173

    SHA512

    8fc6cbfd52c38899e428bf39283049410ddf2edf6e36c88f705c2185a774b94ff3e0efe6553389d4f8e721757eb869a7e153ec19b72a52c02e2cd53fceeb7908

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    33ff9fb1431824caecf3964f94706c0e

    SHA1

    c83af91cc886071451d5a4b53688ea7f4c05c895

    SHA256

    9d5edee10998b56709032a4c5a6ccd7b476778b36c523942701366841435f7bf

    SHA512

    7a2e50d98e62e37e93172c6df904d99297569895be3ff60b5196899018840254bc72c5aaa6ca63ca2219c292e50e0b29fa393b612b7a40f3ff2162801d533988

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cfbc8abd3614c26169260a1d64c86358

    SHA1

    cb3e16b2a6ec05f7656432b33eb81d21686ad660

    SHA256

    344bfe8d466072ec1f4604abd3f174fd5c8a29f3ec41ab94ab991b952970adea

    SHA512

    a48d2d992135c36465f5684e75859567cec651739900f1f460774f2f0e545d0d1fcf05fb8ee2cf5be2cd672d7737596a577dc0a360347e72126bf3eeac969bea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ac456b5e77ceac2f271cf2925c6d951

    SHA1

    ecaa999445bca350ab5e56d2126c8ed5f4bd0036

    SHA256

    c64c2a9b88a44b4072eaf3340bbfbb5bdb8a3e9e3d6df901d4922f93591556db

    SHA512

    aa252eab4c78fd13d4835dc3a718cc904dc3a397518c8221450bc15d3d8ea463e818bc069351eafae31261adf07ce354c6cab224a2f27354c082f9ea9b8f61b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e098da36853d828e262f73dc066771c2

    SHA1

    680f4f5fcd394e83a4e0589cb5370575967838e7

    SHA256

    4862955ec17d460106280361ee88e64975da752caba3aa36b118597b06f78853

    SHA512

    56a429462c2482177e75c356ebd9e44a2f954bdbd97366a11015140739c3a70415515f2b614ac1b06fa58507cbbe6c8012853e130be9e8c5037341ff43408eba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    34ff674a5ce5af4f758a6bf0768d8c1f

    SHA1

    bfc301a86f36f93182e00a0b978a69f052c7d6ad

    SHA256

    c98975cb4ac3892551327e1d15bd94c3ef7e3b9ddc980b0826866fc5174a5191

    SHA512

    909b486800e0bf53897b666065aa20d93766e572b9317f7dc89456c77c6b9121d69c44748d26f90b59a8e2d4e8c68bfe25d11ce54044ac963e8159785ec9f7ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2be17b4ddc1d639ec2228d5cc6c74ce4

    SHA1

    7df7debea62640150e893b7002bca05e09beac60

    SHA256

    a7be0d8966526e522f6c06b9d93856bb8ce9c2d066692481040ce3fbcb172aa1

    SHA512

    dc93ffa11bd6b2788a19b44ecf5d4d414239b58e14fe65a8891623bd13c61691918c90a12c6c63d158b0b1356b1191d4f86e778e1f93894e09892952cafa28f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f5b959bfefec17e6bc3aec0a3258d887

    SHA1

    c8d6d2e29233d39e086b91b7745e4d5e94562c7c

    SHA256

    7d63ef44461ff48689ab604c81aa19dfe8a2e97fe09559c1507f72aeeaf44350

    SHA512

    2c17bec8aa5f02002605c04fb1c4fb4fb990b4af499732b5330b8a70afac7ef8b98f4c03c65ebb43177ce738a0e436e72059d98b051eb66c1ccc97d03c4b669f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCF04.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCF26.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit