Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

a73dd415c9...8.html

windows7-x64

3

a73dd415c9...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    18/08/2024, 15:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a73dd415c93158bd53e5ef4a1421f147_JaffaCakes118.html

  • Size

    178KB

  • MD5

    a73dd415c93158bd53e5ef4a1421f147

  • SHA1

    8a114889a19c744a9e4443d98a90df112c8fe6d8

  • SHA256

    47b7085384ff9cdfeb4f88a01f58056dc5000217d68f35799b82970dbd10b462

  • SHA512

    5597a491ca862366d35ee92fe688bf4e19c3e3b925dbbe5bd5873730219910c9b81e3dfbce468cc6353b4ca45a0ded5edcecab604c920cb7a5e4cff35213d020

  • SSDEEP

    3072:Shk78X6q5555555zHvwOS5i7tcxcoHF5flPCXggzqzHenDQXWxuusSFsZ9Oi/8sQ:Shks6SPwOSE7tqc1GzyQXWEx8sjBUB/

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a73dd415c93158bd53e5ef4a1421f147_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3024
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3024 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3040

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f83daf9f689e62aeda0870b78ef73da3

    SHA1

    46e690df4f999138563649d68797d89db6477077

    SHA256

    fcfaba106fcd77086a3ae17dbe0a1b42ae329439197da7efac858028300ea9e5

    SHA512

    47306ac63bf601d35aaaf35c4addb1a14b372a9590a22d42522b913e61cb6109ef91b1d220cd861ce4f19e94e518d1b26a6483e53c4daba2bb5f5beb04fa8915

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    28928d5144b0ae1ea40a9b1f14000fad

    SHA1

    e81fb9fa8a6780119c76eab13ba411f08bd3af4f

    SHA256

    c2ee7d8a29a9be5ae66dcc90c5fb44d178812c4ef97fdb69edfc9e7d492faf75

    SHA512

    c4f0f402db124fe8b813e1a2631bd6084e2f0fada6f8a8e854fb48bc00fbf7bbebf99220dd9fdf9711c6d981c93441f3293ff9ec45740c56cd6b7ebae1bf3fef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d0e9faae13dd79e759bd7a98e86a41c3

    SHA1

    bd94d81b7ddafbf91a119c4d0391de102d7ffd5b

    SHA256

    6d224cf8f6808fd6ebf3ca27494e5f3656303dcb93db38291c264f2adea9d3c9

    SHA512

    0ddacfce33bf987380c46bad38fe10fd1cf08fa539e3b800874ce90ffa454b0dd9e7bbe9dd16d1d8fdc97729ac805a8abbecd1be2e7b28e254d78a06048c03f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a5a1ea5b449704050a8b840b57081b74

    SHA1

    67852e77bc4983704aa4b05fe3623a6257dfbcbf

    SHA256

    3d004e9353942f44e99f85632b90daacea1cb9656bccc7f3dc26fe867ebb4f87

    SHA512

    5c95749b6667482ad0d2c794bdfc44f786a9da3b91181aa427cdb7ea897be7cafa7c413e79f3b394c480d1b1e8fd427d5ca249324568ebd326ccf1472fb234ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ace07f4bec102d64cf08991f3cf94708

    SHA1

    d3608a160291670bc210d9a3943e3e923e41c7b6

    SHA256

    5b3895ed9eb490f6f8eb6f9bbe38c911ca3147bd799f03801dacf14060a332fe

    SHA512

    cbac7b1d3ceb7fac14fb58a9ca99b9a2f6aad6c901cce8a793238b478ac1181c8986ff958a10cec76c052138123f1ebed06044e9348ebd244389127a4862810c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    609fefcd86dc48cf3a3147fc38a80b7c

    SHA1

    1db84efb2d5a14ff0c56e67e64157a0086db63b2

    SHA256

    d3a14e9c82d95371a85942890b68217f4a316d75ca7770624fa297a4b29aa044

    SHA512

    fd3e993dac5052750479d917df9c7148b1a67139fea3ff3f2325d8913df680cb4ac538732eee08737ed52382b3805b3742f4552a5357b6740715ff394c732631

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    056fc475c8d25dacd6fbfd433f13f09b

    SHA1

    5557c5f981478534c9f4837f89e41cabc7e1a1fd

    SHA256

    99a53031e0726bd60ba57a0008e165941ef3a8e2a37e474c844ea435ffc727b2

    SHA512

    43485675c2f72828c4d371e45f9865613c2960609d376810969a8078e54717da7b056ed667fa362b7c7976e46112e110e64058992718910c9467a293ca4d374d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    843f61cf53700a65ce03bbc624efc426

    SHA1

    24b067f0f75f863fc41088f641268aea32d61834

    SHA256

    fef2b534dcff7537c5990a7023dba06465c8e47fbe03d54fac820ce103e34565

    SHA512

    5dceae6cbac433137d27a1aed8a93ac243ae2ec355dd3ff69fae24516d82e16b51183205dba8f9533ca19adc2b72a00734553713e9f6c87dcb7023cbe86ceca5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    52062fb127cfec556b68b5438da30422

    SHA1

    c094b959b0f8a5a87d05396f12e143ad0b867351

    SHA256

    bb21e2ef684319e2557c6388573209ce3881499e63030036ffae8d589e6a4fd6

    SHA512

    f81868515903ff6272e1b80fe08dea7326b1bd09c072cf16c3bc5b28cb1066327f209a5da61b6ea931d5b7ef6d4e1b59c95072fc53e5418ddd2b45d7c2829f55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cd84e4de4442d7d48b784c3415eceff1

    SHA1

    ff29eb692bd507bcd4d91aec1b13d88501f36271

    SHA256

    f343464ae318d1c34ae81927342e7a90c8b506b36902889f903879aef9bc75bb

    SHA512

    90881fe28e8d1c3098407582c8eb4c8ac5324a642caa26e3e35014bc7ed81de022dc6bf7803f5ed05795523c1b46c3fb71eddc00bfa7f6a8d11ea1f37decc48b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    54e2ec2aad17ff579bfbb5933f0b5610

    SHA1

    adc1cd7ae5279cc70233686602925c768744cc13

    SHA256

    27549dc9d55220cf2339bda3b1ef5678b6703dd8cb89a8759fca3e9a8ce721a7

    SHA512

    1181f7f5c7996a58153161b98d4b336a29e91177e2d791ed1be1a854669c3bc8b1e5148616e4d0e0a76d81661052605008e0a8c56db0ffe69258d46ce8411a09

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0c4b2c3e829380c62b0c40d61c120ce1

    SHA1

    d5b5d587c3db2310509ae8b536a8c0da1df9d2f6

    SHA256

    4ec7da04d77a2d7d43b2708b2d20a3eb28b991db3a16849777c3434de6a6ad76

    SHA512

    31590815f0eb57e031f55dd5dd22de80aeb572f606eb93f4e343662e63466818adc52622fe0babfd703f174c236c69f6170ef2c3f3d84a9ac51f6c78c57e61f8

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NFAY0EOS\1[3].htm
    Filesize

    20B

    MD5

    7029066c27ac6f5ef18d660d5741979a

    SHA1

    46c6643f07aa7f6bfe7118de926b86defc5087c4

    SHA256

    59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

    SHA512

    7e8e93f4a89ce7fae011403e14a1d53544c6e6f6b6010d61129dc27937806d2b03802610d7999eab33a4c36b0f9e001d9d76001b8354087634c1aa9c740c536f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NFAY0EOS\f[1].txt
    Filesize

    39KB

    MD5

    ba5f93124b258f10af9e80b0866eb69a

    SHA1

    619091a0aedd96f0fbed0abce20d1eb63b49a653

    SHA256

    44f3449089f76c5ec333cab494425e36776c9155fc29c59aea8cbbd3d5ac1625

    SHA512

    cdc8684516a1235ea7f0e7b3833da386ffcd6205a12c2e5eadc0fd0e9dbf419b1a2fae4bbcecbd99bd38eafa3e10d60129412ee0c48d52a0415f03d189459fff

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VOGNAB2O\avatar[2].htm
    Filesize

    735B

    MD5

    8ed4ecbe04a6bc1cd2742ded37636d71

    SHA1

    0f52afe93c7580d82132b0cf9154b1461d059391

    SHA256

    85cc4fb35d8b051adee4bcce211b0cfc8abddf11f9913123fc2c98c9272a112d

    SHA512

    d96bfe0390a4b40d1d5eb5c34ca5e82730571152b8d2ccbd1ab5283fb45b3f3d3c211079048ba520b76d7ce2cba66b680743766a895eb1745a46e415e62b4921

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XWMUP5AI\1[3].htm
    Filesize

    171B

    MD5

    57d4df52bbac8d80282b1b413d395363

    SHA1

    51501b66afd4af9a38f7353a85b1052e6b6bfbf0

    SHA256

    d9e4021adc7c405b14e031005ca8e92a4dee81ce7cc77cd3ce73261f22afca20

    SHA512

    bb11df92e241e0a8d9b8344c65d4556bba7cabfe88ca02561c14dbb8250befcf8d1a823e48e5e1ad56571786ac4acddaf23013eb85df1be7681cfede10310ceb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9AD9.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9AEB.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit