Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

a93e7c72b2...8.html

windows7-x64

3

a93e7c72b2...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    19/08/2024, 02:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a93e7c72b23248c6312b0ba87186c6ab_JaffaCakes118.html

  • Size

    122KB

  • MD5

    a93e7c72b23248c6312b0ba87186c6ab

  • SHA1

    dd76a47922a9e0222b2d9a91a996391052045611

  • SHA256

    60eb0a9b37044f44948c955bc6337f1d08d8a4229cad894ff13ce1c32fdf09a6

  • SHA512

    d8c66ddaf044d1349451634ba70eaccea36f5823884c992d788874c4e9f855c379dd05f9fb334e34d3f37aa2a9f31d526d37a383010d01f4f0a3f76e9d2e825d

  • SSDEEP

    1536:XyfUxipquOpGR40UP4Onji407++IVMC7sedjB2Tpbce:EUxYyUWoMjdjUQe

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a93e7c72b23248c6312b0ba87186c6ab_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2236
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2236 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2068

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2529aecb0e9af6a365e7449660813be9

    SHA1

    9a20a6b1652dd7f293ca2bdb70b5abeb8b34639a

    SHA256

    5a807165c46b4539aac257cd20fa827bb832c8c36cce57f07e9d256fca095a09

    SHA512

    e9e1cd79ffe7ca4cab5021a5dc65440bf9174b11325ed32bc3011d518a26284d495a1c9c85e42dcca601ff2bde5e1d242e9293c4e94fad6dd53b509f896c349c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    68843c9e7fd2e16c0eb4ef22398d17cf

    SHA1

    cc95fef8da84780f0ae7375c0415dc3bc6b30b24

    SHA256

    6af57f1db8eccd883d7d25ca216af05fd8dffe5ec233322d96cb93d2cc9f1212

    SHA512

    42814c363678b21b868d262531516d743ec075786787ee4daafe0b72fb70d80d23f45c44d25d4ebc1468abf5b1ad473f0daf639fff2c0c1d60880fae5b8b31d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1846ca129bf9fd24f0719c99d7759a81

    SHA1

    43e8a23a55d96b0d10f865f6ddac7d129e2ca207

    SHA256

    534b9d12ae65c940246428f089e6114e4a76a01f54b64aaad27c8a2f07a86f00

    SHA512

    6189ae3938409bf226ded6e8b1ad60af20da197fcf8badcd4719f9f1bdac05aa41e0350871d52dc20a5d647c80c1c996917c12baadc848fc4a1791f37b260500

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    bf69ef8761af20ce606a41544af26edf

    SHA1

    c0f0c3b1a621cad96548e93e8958844c2f4d0e8b

    SHA256

    9a16f6c855962151973ba60b3ebcc0f4212854d099387c10a437e5863587a0e3

    SHA512

    22035b224586c9ce1fecb99c0dd5a09d55a10d9241bbdac4bd4d437d57032e6b0cdce876c34104825c1f29701762772adc72aec4330f15a8902e93cf29246928

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    704407708be6ce5d6644e82fcfc7d557

    SHA1

    5b194a6b8acaab84b3dea50b83858b9440e47d6a

    SHA256

    e04360e7a77bad22249e636e651e701904bff4956784f68e842497d58c637089

    SHA512

    4a761f8498bf5cca207ed91b12cbf5b2657099bd666200d541f3d393b242e6fb9e053f6c49b399d2f3a9abb2e35ff567aff05c455eb97511f2f16a9830ce65f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f863701e979025f80cffbf0fe9d91ddf

    SHA1

    714c594b45db30c380147f277c8102cbf8781ada

    SHA256

    bb8c6952ac072b760d064f76cfadb04e4d3ba7ff98a75e96a21442284dadcd30

    SHA512

    18a3198c7ffe7fa9d7842bfb464ffd434ae6615b3f94050cf15ff377f4232de513c7e72688818a0f9af6bd4bc3ef0d47a739cbb9bd8f8284b6547e9e2cd67228

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6968538d082731b9c8a35d1eae9a6354

    SHA1

    21f0b43b74a9f39aa70e25635ee453b60e196e05

    SHA256

    b107832d3cc3ac9fc28253eba285057c753f6d9f261c80ab16b697c5b0741a4b

    SHA512

    0a3f11357aff2846cf0f88ea4ac215c8c7ab9e44984d1f8a2c3cfb50f0208db0c9bb0dd00236d76ee58e814d425d5b12ecac0ba153875ce76d435ac3c6fa4312

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    19ec22bf204d6e3d831200dbeb3fefbf

    SHA1

    e6b28c75aeb5a97a7bd43ea03e5e6a79dd82303e

    SHA256

    1de44362ab57d45736c9ca58e70b94eb8549a0070c79344f1f9a7bea2581a5ab

    SHA512

    cdc78ba67d4f883dd0deab139e248ce8e8eda71a09b8ecd6c6a85728a097fca83ad5e65f627592b340d5c891eab9abd4ef932c7339d9c6264e5af28da5608dda

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    817e024b92ad37214aada9084ad467a7

    SHA1

    ab15ac5e47cd0b3372ee728887e18b95d0557166

    SHA256

    0135343caeac4b495bbf19c4394b9382ade12f5755e04122c28383d70f619a0c

    SHA512

    e18fcd922f84619b56226b91e0fa8792ef88861286fcef684b6186c60f43641cb95fcf0197fa27890a3ce791488459d82e16791969df524b636caf22184f6720

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    08517d1f87859fd3fd7274de2210bf9a

    SHA1

    1e208718b4a606555382321e4e6171b386d9a137

    SHA256

    3f90e5bf01bb78204498103c9298341ff07448458205487bc9836f325be73534

    SHA512

    37987fd6dc89b05f8e4bb6db91c4a660669b6afb3b5c4582a62709d360c90e290d9bd030429bf007c906eea91d970b5ee290aa85d00cac951f355e626fc2536b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    73154f5d0d0ecf06168205a0367ba59f

    SHA1

    8ec2b1af00789f2627e2ce4a73eba48c5a741cf1

    SHA256

    a879bdc92de3da3d34eb1db48e07b294486f6c5ab0dbf70f47906bbcab5f0114

    SHA512

    30976603989fecd0886b8c237a5ce66b106b4d73e33b9d3593493d14112736a26b7246aa662283bd71f4cd0e424c1f60c5baf52da9ccfe6c775f0a266787174d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e18e7ad0e12c943f09d1db499e30837b

    SHA1

    99dd0dcbf229ff9b77782ef316f11c2d7d1a3f98

    SHA256

    3f00a94d2ca8ae958b5ef792c230ea023a4693d6cbaf1cafb92773bcf286a7af

    SHA512

    934379ec600ea8c965b390eebd631273468a381e8ac6a5cf56bb91e4dfa07e34d50bddc316dfc42465ee9cbcfa324c525435025eff0289d5324a6483777a9a65

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2425.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2428.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit