Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

a42390a491...8.html

windows7-x64

3

a42390a491...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    143s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    17/08/2024, 21:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a42390a4917e3c1dee7f26736e09798a_JaffaCakes118.html

  • Size

    15KB

  • MD5

    a42390a4917e3c1dee7f26736e09798a

  • SHA1

    6c9597a5dfd8c8fc9ecf5f5be77f2b1ab8425725

  • SHA256

    e617f3bfd711218e705799ca1f66d1c5bd8e46c61a50584b4d1a87ab24530bb0

  • SHA512

    8b21600749088098b1276b630a1a9388fee2b3299f7e5e0c59604e6ec6a28da255650880c724038f0547c8a6600f0bd63f64c06ad154d517a6fe880e66e6ca91

  • SSDEEP

    96:yiIdnUZC1AzgdG/48L/CTxzdTSkBcIzGGVPOFN13XqSTSTu1tEoTF3iKEfR+RQyL:NIdNG/NAiIzONZeopliQyUMcexCae

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a42390a4917e3c1dee7f26736e09798a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2120
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2120 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2464

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e7cc45dd5888ff3015f5bccb11867950

    SHA1

    6d16bc73b4a47184109c10a761d9a78090d11718

    SHA256

    c3e14232d4e062b72b79bddef3b746948ca63e74a7166476715023e350744b96

    SHA512

    5a12535b5259fe5cc2871fc77a5ef6fe28b2bd2b600cf2ccb995de2ac3ec32f6a4153c352f729869ce604fe4af0260a4b4a631c01ecfe29afa21485d86428f64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2d92f5b5ff6c7f6f5b240b69b9f34fa8

    SHA1

    31370dc94e545f60061b8f066f3a54ee505e0b30

    SHA256

    b2a36b9720a9c3ffc3e2bbe84ba36418a0d98204f46de6eda6c8ef06f5a51d5d

    SHA512

    c12d80e02213e210663c85b8e5e22b6b4b7ff3e30ed27d5250834ab7588187ba3f55ecdb334bd711ef9b0946b86b41968adb95eccf63676a2975cc763e07bd7e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7339c4c53c0ec1d0bf57dd19080eaf9e

    SHA1

    f84e9a41c2ae288de745fe0187cb86e5fe983792

    SHA256

    a587a617249596b7c3b0537ec9ac3559095eb29cf70d394239c2a0b6c0241f18

    SHA512

    d61657c1a96a765abb51403b73aa642b2f4bd64f2ed7e67ecd0e3131c15be1d1d60d3272fd5aa54c57ef5a38415c8d00a4d0f6f2d6ae02854eb445a43b9dedf4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    91b141777f8440242c6834bceb60bd4b

    SHA1

    5d32fa6c295de1c731a1fffa2f410de4be0c586f

    SHA256

    0125d7f536371960beb9f2a6557e2d5f678edc20ade58ab0725be9f72d5bdb0e

    SHA512

    6e7e41a58e8cc157f6ab4db63f1ef5ba5e3bb4a32f8d0c8fa1299801f3b6c9ce494639cdef366af517f7080bdaac8a42084d1751ed94feb494823dad5a89b73e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3a92812b47982381b43f1c0d28056a20

    SHA1

    1386c8417170cf2c2b26c677ff43f985d61d6446

    SHA256

    1d58c9a87589aef2c14e5e5c62fb1619c7171fc0c2a0c1e6a80b8f37d2fdd415

    SHA512

    bb64cd392a853e4d71d7c233699f4b85015a6fb10bd1a54613ba1f1a8b41568d253741ebe47b6136edad7e0522361b534a54dc65bfdbd3a5d95f09bc3d4177f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f175cc1ded8eb3a12d72a6b7e5ce4872

    SHA1

    5907d0e015700eca0f4f0db8e56e343e8b238fff

    SHA256

    b73f2b5fe473b30f598d3c8f8f58b9003d456260ca019f1e1356f71cd6d1762d

    SHA512

    572625e24c4f891a43516f573f93661485684edacdabdec27e8c4a7e11611ccbc3d3b9d5cb40c4f088a946eca2346b85fa8780439909f4e0fd15ee9563bbe77a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4189cf84bcb4af028f4c617cfd3067a4

    SHA1

    a06d11e5da863fa769fdde8e71bbdcd2b91f4656

    SHA256

    3a4b113b431d17a4a8e5ee3febc389e4a7686d7ad56b8a917ea69b45683e0d14

    SHA512

    c737c7f6eb2924efc0785f60e8dd737552baf29a7970f6e0e694c41794f37da4644c4743065271b08739fb99663ac3fde81d7e7e1a1dfce790eeb9b00f8b9ed2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    64dbeecd6c1e0070355803211762e609

    SHA1

    6a7f8d1e590a64b4366c381ebe3bb6f82cc1d8ba

    SHA256

    d6433cac5c0333aab4b43a5d145fd33182aff300991d7a15c12fc4fd767b3767

    SHA512

    a3f502be1da444a180587dd943957afd1d6f8fbf87ebda683531e58942f58c64b453c5067507feb3c7c265b94d14bfef0639d6bfaad1cedaf5a30fc5022d0054

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBFD8.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC0B5.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit