Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

a21aefd124...8.html

windows7-x64

3

a21aefd124...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    17/08/2024, 09:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a21aefd124b1079fd75b816cf0605039_JaffaCakes118.html

  • Size

    87B

  • MD5

    a21aefd124b1079fd75b816cf0605039

  • SHA1

    e9ecf837da07c627c9aed6727cd7e4f6374b6935

  • SHA256

    69bc9c3781ae6ecfdc8dac6a6132dc34ecff464133bcaaa01604e2eb0e751861

  • SHA512

    8e5396e3e98ab11ec5275691b4ce25f8907d15011bbfc81ecd8f615dc56e68ed61f02763a0cde40505fedb96fc2101a634ba06c58fa3a8acae1cdf342b012b56

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a21aefd124b1079fd75b816cf0605039_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2416
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2416 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2100

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    391f9eb02641d2263b5d09ae22522033

    SHA1

    f32d6e07e03f3ce953e562361b1a118a380c54f5

    SHA256

    a1bc9656073a88c516e7e2123fe909c93c85a99373c7d8cafacb91823cd4d92b

    SHA512

    18971b1c7f7df4e71afd0b2090e194407bd544a70c71f7c92603c77ffc33238cc12620b86a5657f5d05bfeebad226354c83f5071d83b5418b6ee08086ba62626

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c4ab84024fe77dd2edceb2998d0b824c

    SHA1

    14e3909d172a481608037d198181f703e01c9cbb

    SHA256

    43db60d97a506c70c7bd754feb7146a2fc370c6a2ebaa57326fece5ebe603f1d

    SHA512

    c536007f51c7e7e800de27f5ccc8c52b932b6ecc13f3c68ee02692a0aaa5ab7d02e7c19833708375195bff7804b5c01c3b2c61f00b5073184bda656fa3116e28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8005528073c87267e2fd8126a66ba3ce

    SHA1

    7c84f3bbbc5a9b910b12189360623164eba5a03d

    SHA256

    eea199d53afd3a943ec3929e6d9d2afb5aa0a321c92c0319bfaa9ac7c3f13e22

    SHA512

    61166d9ec1b8120def7dd1bad9a69a6d1e33ebe4977fe9b1df5c9708856b97b3288faa41155f441bb3b1dae9b5168a310cc581513f5dd1a97bee676851b83b64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    03297790d2e5afc503117f6b37e42cd9

    SHA1

    7f4fd6c7b8721407e53d55e60a8109fef0d93f9d

    SHA256

    5c2d1fb81397f99431353d7cf30e00d855f8185b6d3ae116d90a19e8da5e20b8

    SHA512

    87d3b73d91e327d2dceb970d54e9c99fa758d89ee1ce4b8dd546947c0a068fd9ca73275ebac8270a6ca6f9d28eb0914994c966db5b9e4e0ac3482ba56fd1bb9f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2cac6eab4edb0c6f9ed8f192ddb6c6d1

    SHA1

    82a42fe4767a95b1128b1cf633a399010e3aad6b

    SHA256

    5bfec27e6eaf61d3673711ce5cbe7848f65b5b902dca2d72b4f26e1a0fa3d8b5

    SHA512

    693c33af19f5a323e7fe05a51592a29d58f1aa88f3e8dc89e1938cd38cfc3eee28d26380c0ccdbba5e79ae6d91b6587a49849b730e94ebea666b75272b7b0c7c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3076eb2506327e169a3db2b028bd5ab6

    SHA1

    41ac553d861e45d90fbc583a00a1e849732dc3be

    SHA256

    e8b382e467610a96cda5740690a3f5217ba0e698494940e1abeee65af2e43f6a

    SHA512

    b4daab458bf739620bf15428fe2601ee3b70e8c90bcbe9ccbfdf7b1497478da1b95b2473b9118eab7cb39d61fb940b4e669ead023030744387e3906f925ea919

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3f859834df543386cf4bf27bbf623bbf

    SHA1

    edba02a8c9b58166fea019df21da7a680e4f1705

    SHA256

    4872df1beedbfd0880a4491c6afe854ead4a0c45276029c53c12a8757bf53e83

    SHA512

    8b41bcaa77448145634b4061153d61de27e362f7749cef52b5ceedcf97a89d68855343e1cd8c196ea3c4cf53f2172645b93b475f8c277257518f95f75670f56e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    26cf61098e5df2cd0b6173c0ac4deeae

    SHA1

    75fd3063712491b24e7f17aea8a69f7a5b1d2d1f

    SHA256

    5d00ad3f9c9f990c37a02f8059c8fb31751a00efd03c80e080b44bbdd1c1f1d4

    SHA512

    f2043816ca2b3130efa72f1b5c02c1842569e84c89b42e084ae48633a0396cee914cb8403a3c651fbd9d9205cf6ed10e760f70e1722eeb4a36dbfa72d986e446

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    893df6c2b42b74e6bf169d67b41068d8

    SHA1

    667075a3631bb34fb19b9a84561675c4f587bd91

    SHA256

    90d429e29a837e196445af52fa590f2b6cbd7a9f921a50e44a09723f01404b81

    SHA512

    17029798505e25f180bbe5861a01ea14d13a3ec6872f8c07dbba8fc602b694b6e7292bc8966da61891558001a35ddebef9164eaaaea5ad0209df014375c3bb6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d808a29eaa3bcdeac9a0aace1afa6b90

    SHA1

    0c1af4942f0b68611065250702e421bf0a0fc8f5

    SHA256

    f4c37b74fb3b7316be9f5db2a860840206238763302580625f866b39c7987062

    SHA512

    e132bbb914b753d2253cb763fd490cca98f536e31e31e47368e260ed54595597baa4c742020cf7f856677179822afa950ff9b49d98a5e3e24d6c186e01c0b960

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDD67.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDE16.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit