Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

9464b0c2a1...8.html

windows7-x64

3

9464b0c2a1...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    130s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    13/08/2024, 19:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9464b0c2a11e396fbc828f09b2eb2936_JaffaCakes118.html

  • Size

    159KB

  • MD5

    9464b0c2a11e396fbc828f09b2eb2936

  • SHA1

    690f29097fa4bdf5fd22365ead5532e3fb0644c0

  • SHA256

    c9c494d1e5861c393fc3ea2b00fe7ed35398f2520f24390bcf3d16c3e1038841

  • SHA512

    b8c7e7e2c3a3513f5dd72911003e4154fa8b95fde82f23d9c32cf9624525b04ca3faa29d7edb4dfdcc32f20fe3f050eb49e74afe1dc5542d6967ce6ae4cf9a91

  • SSDEEP

    3072:479QqaJkm7gSOEGyQoyf3qMiGUqWxGLWLv2HpsJoAmZM3I1WdYbzpl8plhr9/p/J:u+hJkm7gSOEGyZyf3qMiGUqWxGLWLv2+

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9464b0c2a11e396fbc828f09b2eb2936_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1644
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1644 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2528

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    90341131b1b442c5adf197820f2fe61f

    SHA1

    e0bf0d83ac3c612dae7bbc0a603fc20f78231351

    SHA256

    d9ed351e942eace874210c78fb339e5bc81b0e8b6c777227ea69d2b34c8ef50f

    SHA512

    41b851358905b5ae2a45300226aba2a57c0d54de318d721249feb9a1326c670d8e6e127f22424c4e7ec3cb3166f7ee5cba91d58c37f307579b9b6b172ad0b866

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f1d2b47457843fd4301c37bc767afaa

    SHA1

    7fd58fc0f04605e4600aa81a0a824d543c1453e3

    SHA256

    8c13c31a3cf31f854d74096dfb6a5b52aa00f158a2138859d0ca394347ffdc6c

    SHA512

    801621963843cac6d10db91c2a442bfe372abf730719a5bc9608db90c2fd89dc15a936d75d3d95474df0b8c1eb499d3ff5bba6e5ad46a3cb0aa1b92ca3ca0428

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    38477576939326040cd82a20da50f64c

    SHA1

    cd89e30ae32da6093f79b5587f3aa724c9bb9192

    SHA256

    79b343ae7ae7a9b7ee2da176b695b9d4535b836f7bf8bec61772e4badf0ba368

    SHA512

    03c69d4f7a91fc37c046fe9e593688f6dd977ebf8c57b6b8b2f977d086b360558892865a31fc86e91d8ecb0afcff961e1d79ff08c58a26c4b3f7ed0e892119c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    91a2672e5aa3b67a10a4fd2416aa6ef4

    SHA1

    80d6492aea762482b1edfc900a0c818cbb46f4e9

    SHA256

    c895b070cfda3b8db8f32c390be1d0cd9923c56b2509c3ca0b318a0f06117bf3

    SHA512

    4a3a1d26008fbf4407576dbccfcc5328f5b9629a1dd14d66c7592ddd5716be4d38f04a4ffb39e587ff989a9ec2de79fd03e3aef60fa9e924b91cd9b6cd3e1e27

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd7e0652e69a511ecd04f7f6e4330665

    SHA1

    67b7ee76961c82866afa3b9b2912c07ec5e756df

    SHA256

    8617b9b9536476ffed485afb3df5a175691154df580cc515940ae4e5fd2ad8ee

    SHA512

    ff7d7771a68ff7ce8e43341442fdd6f69e86c61f10be143de902d5c81dbb79f564e9f39198f19751323eb03b054e8ed5959bd73c7edd0c2ad59cfad83905ebcb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    34bab3b767989d5486a3bd7defffc9dd

    SHA1

    feb5ae40c2781a2794b6365530ee5b156ae8e070

    SHA256

    4e89a970cec34997550e86ac7ec158110267d79e9fb75f5533f9f4fef33b6f17

    SHA512

    3db6d707485a5a3fe40b52773a21633081e5f7a261b08bb16848fc02c33ee2ba91e1f6bb08cae96c81487ad0596acf531fe88da33488aa0baecb1142355516e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2e4cfde7ee31f61b634baa5d0db2c61f

    SHA1

    676127437cb0079617f9b3fa765be6a9b8e9e9ce

    SHA256

    6a4319ba194df80e9faad7c4b7e302fee9d20e8cdd5f0758decc22b538ded025

    SHA512

    5e58c2d1b0d2e8a3f352d3aad31f1fa886fe4ff74510a2a20f3cad76c60c09c1be26e5c36c51dcdcdf26d809657c983ee5bd3dbfc8be9b14ea703de8f2739a5a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fee8ceba269b62e5bff48f2d0f6a5548

    SHA1

    288e9bf2f26d46a7b5a8a2680fe62990e94c8d75

    SHA256

    14f1e0a20121e71eb881052f11109d2c393de3057f9ef2ffa00df64c84cbe524

    SHA512

    c21426901efb4c4f036bc9d8cd695d3f1d89c6d69d5100d6c6d672608189f7c69ed674b13dcf18f0c393e5de8a6198feee0d2193239fd22e846fcbd557c584af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    488029b8586a3c3df50f7afab07cdd0f

    SHA1

    1c729eb488844c245ee068c675d2bd29b78ea93a

    SHA256

    d0e216cf2da89a73f124082d53fdba401582def4f2c22b5044cedd8ee2001dd6

    SHA512

    a784b1a0afe9c6839884e14eb1eb8d51708aa07208fde500ebf4f8a49f68c6a1c2c979af64f46c961f555dc3d133eef4862315b8ff4d84b3fc49b9deb1b60d56

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA362.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA421.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit