Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

94006c0ba7...8.html

windows7-x64

3

94006c0ba7...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    131s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    13/08/2024, 17:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    94006c0ba7910a4fe0e1ba8ec724521c_JaffaCakes118.html

  • Size

    234KB

  • MD5

    94006c0ba7910a4fe0e1ba8ec724521c

  • SHA1

    c6ef59aa1e4cec40aa18cd7734db143660657557

  • SHA256

    46018e47204735197fcd2eefe73dacb9818a14ce806fb799b295d3e6f7d449c9

  • SHA512

    9c077ef71b30493b47821aaad56935fa88bd9ab296e76b60298b48935ea880779f0e7d636be783686a5a41a3ba31b74406438d005e591a90a0d504512e823363

  • SSDEEP

    3072:SfOyfkMY+BES09JXAnyrZalI+YuyfkMY+BES09JXAnyrZalI+YQ:SfrsMYod+X3oI+YLsMYod+X3oI+YQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\94006c0ba7910a4fe0e1ba8ec724521c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1512
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1512 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2012

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d0e633ced6763d62342523167d3d171f

    SHA1

    b6c934495ac744e4bd8b9f46555e58319970a44e

    SHA256

    60e18484016d71bb1d5a16303b62b4daad211ec334210b23ed0a7c56f6376637

    SHA512

    ae582cc589dc9154136fcfbfac6a436583a7c490f9262666fcdd7b0cf0a3f9d30eb04514747c263a0989c08a5599df9e8e2fc0551d0d7e784426d4cb01079668

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cb0cad751ee2dd9448745a0c7625eb32

    SHA1

    75b02b16dc3b74eab2c1da80ff2fc6b0072a78e6

    SHA256

    26edf0297aea945d7af07db187e0f649b8520c630d63d1b5af60f246f0643743

    SHA512

    1968246081d5cdd92976686c731409613422bd590297503dd8b37787686d4d090ef24e1f98002281c5ce68d35a43d254d9e8f784aa47f4343a13b2d9fde4bef7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7c05c738d0deeac16dcfd69081eb3f3d

    SHA1

    a93e3bc63032d46ee4246330f89333c0eae710c0

    SHA256

    37aba9931c96f374902d84b34f9faf014bab363b222ac4b5661ee90bbcf89d1c

    SHA512

    f67fea6dcaf70cc963e734440e845810d695fbfcec0065a856e61ae73740b145b91af9babcf440e3635239f4b4f6e394d9b95620013100a5d2da4f3784fcface

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e21dab9b9ca9f91e1a30a0a2aefceb2

    SHA1

    0bc88dd1412b0f15667b42c261ee6258c1da7031

    SHA256

    ad789503440c9a2c3c81d22769a69a3b5d274d9497e3084536ea2e4ffb6a8d03

    SHA512

    817f6f0583756671e784e559f7f1823248cef453cd78f3383360d364ac3f71a95d82666f1ad6aa16a41e851bf560fb9e07953d79ed74396e11b478b6eaf0e259

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0982304657ab55fa57a18ef9ada0e542

    SHA1

    16538789a14bdc137cb46da6c29eb3ca94f046c9

    SHA256

    d88a6cf0977087043c88daa27bd750faa794d47496b6daa132b71776c9fb78f6

    SHA512

    dad30d63ad4ca25fc09438d8f86dc8773ab5f8262d0562be5d6e19726bf83c0babc255b9c258ba8943daa5268ff9a69ca0fd89357e0abcc3ba9dc8cd25675df6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    60ece3eafe122eef85888548aa06985a

    SHA1

    9ec3ed10fa28cfeab2dc4ed5de5d3988f95f3cb1

    SHA256

    accc0c0a33335067683fadf8cfe87137e017a317ae0f950a883ff33f381b9c69

    SHA512

    0c21238bc75d89f5d681a115d4a3af3bfa9c7c09074b1ff9c8435f181415f2d9913e32e4ab7a61159b1eb610c57bf96519fd7b35709ee89004cb241af024292b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fb091744eca332f70edb6113fc84c019

    SHA1

    aaa919646020f5f5fc395b1d9de042fe5dc6d21f

    SHA256

    cb4156c64941f02efa2a5a6f2aa94823a6e0db424ed4edbc901e52cd4f5c11f7

    SHA512

    061fa51eeb87b23f4fa0702b75ca48cb8b4f713f281ed755cf3f59740b4b46f4d730b1ea848e442c77fb3ccee98573da5159cfcb3635c088c6f906e89fdda3f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    931db05ec053c1d135ffee68948cb87d

    SHA1

    a32c523d8a54ed25463c360ed7272092cd455785

    SHA256

    e93ae71066f9603c231e1f851adde0cf320b62b3d809fbf7a76e1766e15d868c

    SHA512

    3b9b03e4e052d1d8a958485dc967555fc5ad5d4fcaa2803f8bb64daf534a2e420a889b369d1f4feb3f9f3f91c486cad022b3dad34d6f2c599b50fb5234ab7dbb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6983e109eb72d4465138f7fc4c00c8b1

    SHA1

    42b7a6f07046dbf2cdf6633cc925536eae1d1f9c

    SHA256

    7c4f23b79c31020f181d88a7a86e9e780d5334d4a5e1bbe073b05945490005be

    SHA512

    657d7466f7314cd66afc97f9109ad462a98f78b827baaa0bf564b41e05eac43da52e0a89fc43e2cd29ae890efcbb788289643310c2147e2512e6b7acfcabe984

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab98B9.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9938.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit