Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

aad9615fe2...8.html

windows7-x64

3

aad9615fe2...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    142s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    19/08/2024, 11:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    aad9615fe252578f0ee393465faeb4e1_JaffaCakes118.html

  • Size

    64KB

  • MD5

    aad9615fe252578f0ee393465faeb4e1

  • SHA1

    79f7e89a8aaf76d400bc02790e80d651b749fb34

  • SHA256

    829b32e758713691d330d68e6b60a4cbb8d310ca6737e99ead4fb6ac11fb38a8

  • SHA512

    bbb7be48ef8553e51bf497b7ab8c4e884b1d23d5896e77579599deee6ee3f00a502cb2708f6dab470819c9217a695eb7fab0029a3abcced4d5a4d0b08dc7c010

  • SSDEEP

    1536:CE+mwcybcQIP80rhVo1OetFRRMRvtHDhxWsMj32ZafnMxBy1DZq6JXKfaspiIpe:CErFo1OetFReRvtHDhxWsMj32ZafnMxm

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\aad9615fe252578f0ee393465faeb4e1_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2556
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2556 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2832

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    23280713d3bee18a3bde3de888e20d30

    SHA1

    2edddece1c6d778744934417e75788d0650642de

    SHA256

    c201d1c3c95265d68d8d57f39ba8058b6739fe7b50dfcd2c09f0d52de6ba8338

    SHA512

    1dd7ffe744f04defd92bec707c4979a4d2db36be9447a278adaa5eec216da8b39092fd9931bbbefab60d421786bf3795c78bac2715f2d25eeb255d3a6721f845

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5d5e5ef7b6b4b7d7543abee652dc3215

    SHA1

    11158f49d0c38ab7fa19fd55eb18160af0fb2543

    SHA256

    e0c98edb62ee78b9f5bb54078e4bf6e360b29923ec9c6e23bc36823904daea6a

    SHA512

    5dba6a68ce8be886bae696119d947c10181626d144cb82931db8b8054d9a0af1d167c63aa3188dbe9b8dfaff1ddefab161992ec39314274537f29a63ee87f798

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7d6125ae9717ad81d275182df341c74b

    SHA1

    be86ee313937fe0b34fb5d6fe00cdf5287aa86a2

    SHA256

    8fa88e477b3ed94f6b51e967bc751e9d8ba30c5097ba960fdc838302ce8e4b28

    SHA512

    bd6c5fd0d5b39c91e25f2cc0566a2f0822c8bca76606b7f5f3c4f6005b4116705755743fc088a58daf7c016a785f4038f9d539c593e8ddd68447ac6f02a9a6f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9d0e32702a6a592ec168c21c05430b0b

    SHA1

    ec017fc22d8d428dc681e67a00bc7e6068af4816

    SHA256

    a9b3378d5c1bcbf18c1a51e57737eb8f2ffd0b77186ef8ea1d4b6a46d03c4e77

    SHA512

    2c5f0c2e5717df077ba1d9a53259ee86cd68f1ab85091aac042f9a717248d7279eb9ac422c9cefc5b50287d673994bfa1d509a0d0bbe9ea69f87435c65cc4cfc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    71a098f6a8c6ab450360bd332e95b0c6

    SHA1

    8ebe07c6f24d45c76f35694c2c15c7bf926cb1db

    SHA256

    391b755e90bd7a8269f0018489117615178822c434f1c2b85b3fd9d6edee3bc7

    SHA512

    e5a8f02528353eaedfaaa5338063461ee2d6c79d8aa845c23824f99187fd7280cf43c102e81c6e193334e19628ea75a85594cfc3821464eaa293e5c26799b75f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7cad88afbc2fb18cd344d780451b96f6

    SHA1

    45c832b25b4b8d5a60a342557c9fd6ebd38d91cb

    SHA256

    ab3bbca040b7598e2c1721926a6abeac44f87fadfb0c466936d64ace4db1bbd0

    SHA512

    e6ebd6c8bb69d9b7302f4f174034f3ae03204828024bff545824d6f9ca76fd743596ef0e3a5aee8a60821f365febb81b74c3e243ecc2ca6e8998d2b602db34b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fbb55b56b0e2f853f61b492f51c4459d

    SHA1

    eed6a19682a112d9163891532bf88cb5c5f51112

    SHA256

    60999406c41f74dcf1abfd379058ff7bd2747d62a40c8abd299f967237c9c6f1

    SHA512

    55a137b31124d0752e760408cedf8ee7f5f26db7f6308c186b2c783e74c2b58ff568636a4f05903bf5972dff192753e7cf78e5f8ee62ee8a8378c9b0c7213bd5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    864e8cbfb3064ed542cb7163ee678912

    SHA1

    979d1bcc1f61c2cf7ee9f8e3f0d439d942092d5f

    SHA256

    bc5c202531bb9f13cd2fc89e883286bc2cd02f6f4e4390ee16f1e098e0203c15

    SHA512

    22c90ef193fd41e8603a2ca64a74fbe96d6b78af8a90f78d265b81c2d8b5df42dc3dc9e603836b8b564e8e53993b44fcb342f2e4dd049fb8701c9d678f592fa7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    77a0c7b0d04990b60bd7e0291fd826bd

    SHA1

    20ec4ed7096d811a37bdf3c4951df4576baef597

    SHA256

    19e5290c013ebadc28079e4868a8494a544ad3d71e1aac87303fc829009d7805

    SHA512

    40ca7bea9b258ffacf93a888b1a7d485331dc9a7486bd0f32f8c223d26b6a891d19b5a1a7df5e9565cec73399c25fc93ae360c1348e6e698146354edc98bbf35

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cfa0873c11eec7dccd35b1b22e9b9c4b

    SHA1

    02f83bf17bde97d3ddb92beacbb02620d1cd7432

    SHA256

    f18388d220cf494840b12a2db2b96414b62837984e31010e975144b90d094753

    SHA512

    89a3d591aae83c71eb8dd31ea2668e4492287de3e47af320e748e2b0358ea21fac4cb542222ad6a7800a93b7c466ec2daaa75c36850fb5105b3ec98a4f0b7166

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ab9ab8a922676f8d515a5bd2e7660464

    SHA1

    62815d6706dec61b646e042b39b4dad7339481fe

    SHA256

    f2e0ce4bff444187d8c027ae536fbe6d9e9e9dc6e4298cb72c18f7849420c754

    SHA512

    c247307c1f55473131f7ba6a5f42e74ad04b6a2827fb732950d269add8bf432bfb8ac9d587d6de3fa14c2dff116fbb6d99d9643500b05f4f8368eec17b78d84c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9127cfc02288a252f6af22fcc755b579

    SHA1

    0f7538510a386bc09909b80e7249fec42c3b4e7c

    SHA256

    ecbba0f624dc7749d57520e76728a8accc87770c3bc23141ec5f6b906e160173

    SHA512

    5faf93ba2151fdc60fd646f1e47c50003a044254de0e2e9dfef74971135c93f11a2cc3c6adbdf4d009ed2f97094f58b9b99d18826c89ba467841f5e7515c1089

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    255bf62aecae10295a7f69fed081cdc8

    SHA1

    c922bbc2c6cab87f077ec7f8460a9956989a5c0a

    SHA256

    ce2c7bbfff0a96e3970f8c05c4ba87df494b7562c05f9662df2476227ff22743

    SHA512

    c14e17b15931526e85e2085adb1619666a5c585ba016ed1249541ae69006314437bbd40028c28d0fdc8e3ba10271ddafea9f26a59bf194af41e565f809004298

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    c733442304ac65e1264ad5cb2f32d4bc

    SHA1

    bf1c7eae677753446e9ebf8b23d5781adfa7b90a

    SHA256

    af1c4234240abc99c7dd28a95f6272245a0c776d4bf79c7afe3ed4916c149a5d

    SHA512

    dc3c8cdc67f6d616068eb807167477ab2fda0853c84def37770b93b6d21cac2defaf9f61facc3a8c03c36c79481c4232e0153e2f2f965d43ea5258032aa764f9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA557.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA569.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit