Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

a6e398c0f5...8.html

windows7-x64

3

a6e398c0f5...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    18/08/2024, 13:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a6e398c0f56da71eaae2ec15854bb163_JaffaCakes118.html

  • Size

    26KB

  • MD5

    a6e398c0f56da71eaae2ec15854bb163

  • SHA1

    f3ce38f01704843c537637e4838636d9770618a6

  • SHA256

    35af73f641202736cffd55dfae1c9949cbe827bf3d3f5b634549245ab38056ef

  • SHA512

    6876654d09d09e43ffa6734037cc1f9abb18bc088c7245a814dd0850778b710743739886cc2fc6034c4019b72ea6b1f68331142d9f70686f90f9c70ce0fb1287

  • SSDEEP

    768:m2huDWbAH/aizO8Ew62Q6AqQc6eQWSmQOCSQah2Qsrx2u4Tf9T0aQTPeQW:m2YST2QxqQteQ/mQXSQg2Qsrx2uBaQDQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a6e398c0f56da71eaae2ec15854bb163_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1984
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1984 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:904

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    40b336e5ad5b7b4f3211d1c8d24a1c63

    SHA1

    615befd7baa0ba2072f3ddb6ccda8e7aeafd9585

    SHA256

    43b7f47a894e9b2f88b8e5af941c6bf69683510dba2548440a82542b13b1395a

    SHA512

    f413168d9f32e8a24b650ed2c6aa103097be59e3cb0ece4b2b294823919417ed5e3f7eefc57c9a2e8be29b6f6964e5e14b7c5a9d27887988dba6e758333a5b19

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    02ea6382fd5385ec73eecd781ca13c63

    SHA1

    25f19a2aef088720c8e429d24404e33dbedee42d

    SHA256

    a559718473369bedb3b727a3cb25e7c94c72ff9b8d9847ae65ae8f7706d55a0d

    SHA512

    694c4ebc26eb1381775f0b0a40d9b1fbbcff4022a03faa79cae143b01c478ccb7fec509e0c3e520ac3dc5f067073af56e9243455c3d75927d7c87dccfef267dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d4681d2381b4de22dd044f27187fc24f

    SHA1

    ad2fe3a67a1e5ab197524477c4c2cf6e66ed1b96

    SHA256

    98de7f15932755e512a45c71b85262c7928efefcea811af93a5b842ce2caeaa5

    SHA512

    6596f17deb29799d29feaa6a6a4af37c47fef3d51477a72700979d22cce4caa2c1420b39f3a9880934f4a44f149d65c5101614b4b99999bf3b32ec9cf730cb48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    601643f4572f55a3f8abdbd1fe4eb376

    SHA1

    efa7fa2f8f23a2696bfd3bd3c5d358a15059691c

    SHA256

    59601aa99bfb064c215fa0bbc3e77ab7278301ef0e960d890fbf310fde7cfc6a

    SHA512

    97970b66e909a89f5530453f349dc0abd630a3601f93abf3fda96be551929f4789627db240ebe59ce413485adb23c84a7e08701149d345bf26b56497914f1ea3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b9f2d16f96b9dc54a114b670bb58791f

    SHA1

    39b9b65cff479c37997066a2536b58eed8ecf42a

    SHA256

    00fcf328e9de328378bca3ef3222185576c489d1df5681a2b5c1d832661cc79c

    SHA512

    300f669d3be627063f1126ebdddf4d3ff91578482858b3c580c5cd8715a9dc4dc5a1947641fdf862cda4d7044e6ab8f0dfbf4c73e7452c9e9cff3cfcb0ec25e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    706f0f2762468a57d1763e7fdd1a78cd

    SHA1

    e5b8d971ca87450aa6bda613d795df0e55ca9505

    SHA256

    0d54567f55dd99cd3deff36f86b238ef7c6f89c85c41d06ea2329446461dd06e

    SHA512

    98ef3c6f53a8baf3850264ebcd91cad8068329cfde109dc69096a9c6609b3378c38ae7723065a775f26fd0f95aee952f54892bcd8fe35f362c3aaa3ad11ef54e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    812e0a3e459cfd910604dd8c6155a95b

    SHA1

    2163d5ec0f73c8a6fd3e8d8dbb9e88d5accd37d8

    SHA256

    0b97ea72e27374984292a45194b08bf02a7008606c914ea6cdb3ead62ef192ee

    SHA512

    0a24bbcca14141f79328187da232eab96d04e1aa3d9d6a5b0a215a18d0c1993860fe45f1f95061c5cbb6256e7cef93c2547c169d676bb292c559ab6496e0ed87

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2af71e1fc6fee0e9900e30b72fcb7ee0

    SHA1

    65ce741bd78150dfd14d43a4c19d91860ec5061c

    SHA256

    875c876a7535f4b0a1107af723bbf2b8c1065b090cd441c52663ffcf19b9cf90

    SHA512

    585f20edcf5aab4bc57af783fa3a9cca005992edff12ffd7b3108c39d0ac4a7a9ea64b761f23cdd2d492f4acae8a49012c39f00e1cac24f1e2846f8cdab344d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a19277696e1aaa3ae6b4d80128fdafa5

    SHA1

    20f09fa1a8eba446988f9867ead274061a2c1894

    SHA256

    013341386f4526b19e6d5b35db4da5fdbc46c8f89e4f3550899254b9082220db

    SHA512

    8b112349c9a8db40c039249a5918232c2a0c2ccfc621f1eb3e19974ebb4767600595cfb8f1841a6d5cf387ba07144794688ba5a26f82733f493632c1fd8ac4c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fada645ecce0fa4c4d36c14b3e5fe167

    SHA1

    eac4cfd284054e93349cc2030127c6f15c65108e

    SHA256

    20ed83e883809b8ca7fa108a80fcfcfbec5d886de1ee4078eb290e4df514636a

    SHA512

    e7d21358b896bd46b7c962baff50d0ca44e4a47f2bbab8b893d54139fcaebb454990b48001f8d9450595e158b4ae2ec045ea0585f6a13094aeabd44e5a41ea35

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d94b2bcb0e8733ab121e10f5f877508f

    SHA1

    20eb77a1f104e4c7c8534d0f839b7fe1b0b5017a

    SHA256

    365935916bd6642601ebf9352389c0df72adffb16fe5a6ec07c2ff3252df5043

    SHA512

    b5b1e55dde1e0d37310d6dfc9c6b4251aeba1c676ae7858105ad648b52744775f1c3329848e8ff0b440fabc660b98df19af6943b5a3d20d39542e135d76b8fdc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dd0e66ecf97a78620dec0e3b795d94ec

    SHA1

    c4561fc70113dde864fcdf2eac5f3c66b69e10b8

    SHA256

    bd752a7bc1cd000ce6e9080a665d7cbd1f546e1222269ad26260f4bedefa5b0b

    SHA512

    86fdfa1e23e54b18365f12a23bc816167ae1442235aec2fd9fda0fbd887b20c6f994e7dbe8871473a7e5e230eaeed30b26383fa9397b52727d4a0bb46fbe5567

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7b83b0da21a1cf0bfc34040a1d11ebb0

    SHA1

    fe6643a596d2c0ee3159bfce988b073780439d4d

    SHA256

    9609d1b6091cc3d10ba1402eb307ffe59f1fac5b4a38d47b098bf82eb441e917

    SHA512

    1bd860a056163062d840b276c9cb1001d301352cab1aabc2ec1050571ec7ec222800bdddcf77d6f482c4b7ee3bb3b18edb0ea29e3e477eb809e8637af841ce42

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA48C.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA4FC.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit