Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

ac4b4f0759...8.html

windows7-x64

6

ac4b4f0759...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    145s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    19/08/2024, 19:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ac4b4f0759e4398aec271a328ca5ae1b_JaffaCakes118.html

  • Size

    49KB

  • MD5

    ac4b4f0759e4398aec271a328ca5ae1b

  • SHA1

    3cbb66f352c16c51f33a63481b0d40b1ac38cb6d

  • SHA256

    406f84df39148acf57193e0e13c03d30d815ccd1506ef85235548cd2db076e7c

  • SHA512

    64163534b5fc4efb3ca16f05726f25cfbb86a8fb8f23d7999dad85b58ba82c3e8ef860da2bb4d545eea4bdce97c829e313dcc2cda8f70ed8b14851b8e09aad57

  • SSDEEP

    768:GPBI8Gz/pumYBILwF8QzHJL2cY/3UvweOIhdv:G8wRzW3UvwIhdv

Score
6/10
discovery

Malware Config

Signatures

  • Enumerates connected drives 3 TTPs 1 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ac4b4f0759e4398aec271a328ca5ae1b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1768
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1768 CREDAT:275457 /prefetch:2
      2⤵
      • Enumerates connected drives
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2184

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    1b1029f981294ee4e5b746298937c039

    SHA1

    43acabad180946fc4336bf20977b8add3ae38fa9

    SHA256

    9e8fe5d614b8100aa509c9361f5a2eb78724e06ba74712f31c661a79c1ed41b8

    SHA512

    adc4357585801477b5b5d0aefd7beef3dd9e3c463528ef1130d17ad23e29aabbaadf9c37dae3c2ebd0ef307e8b49d772e8fe0646c498728af26a394d590d03e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e1fcb10f0291595655d41a27ac935eea

    SHA1

    89163963a8d0b8e5ceb8307accda85ea39285a62

    SHA256

    0a49f954d74260892cceebb539992c320ff55c7da5cf77db10540420634b15f9

    SHA512

    3f4bcb4d189bec63a30c51fc5d9edac2f4bb69d58e5065b31409efcba3b482a465744a3e7aebff4948c819caece05564fd77347fd95e2a15a097e574c791504e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f45f89b9ef876435074c957265a13dd

    SHA1

    ac6fd7e05522b8f3656c47a2e9c96ec78d0864da

    SHA256

    88e84d132d21840e0a0c87e0b691abb374d727b5f8d6aa6279bed844a06fe11d

    SHA512

    46eae09799f602118eb4ff3dfe8c3569582dd89c0603d5fda1754139b75b506948395e4c3a35e3718bad30ac7e99b14b62a30ca0d0516b56a0ce98f023e3e570

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd062e3ac71624052456deae09a5572a

    SHA1

    e64a15cbeb0f4f55c40e39cfee7480a5b09d8fce

    SHA256

    4d082405ba6dad20ed756cd547aef952e999b62301df9cb33f1aa8ab467e0d9c

    SHA512

    c5ccf675f35515f07afab237c3de135353817a7c86121afbc5489775e46b78c798c94ee7208b955cdf2cd6b2aef9290fadc8c504a6ea4845293f61c4970369a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d947543b21d8460e1d59b18c378d1700

    SHA1

    b75facee5b3fff4a0994da198256849b9c433d7c

    SHA256

    527faba4725c9c39a6309f644059f814b3ef37463e04f92e766db624c5e5c713

    SHA512

    c0b8690cee66df2ff7bf846293c678503571f8e76aff71f65749807d6cba303c9c48b5c5bf9730930e1998352f05c1b28d3016e65df160424397eb9863e6fc37

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4346f6d4db14b2ebc1078402a5dc78b6

    SHA1

    b56aab1a780ce23db97c589c7dc8d18f5908f5e4

    SHA256

    37c409070f40fa0a33939616a237e4a55d3e4b32d81bf0b05b7423ed3135b1b0

    SHA512

    59d54c60b55423082c73c8f9480feafd5f48471bc359d4f3290857a9186fefcc9b09b553c99961f71784cd71766bd7e869f776be1e14c82c3ba938c653c445d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e43c0f7767610db25f3f60312356197c

    SHA1

    1170650233d4881a11623f2a18d9dde511cd4c48

    SHA256

    e7cf7bc0dea1a95918fdc87b2c80a38f7ec0b4e3123c0a1f4df5b192fe046b90

    SHA512

    b94cb7d85e6fdfc0fb65501346d759d64441dbe6d8b3736087871ce0774653b8125251d97487b430c5aef560ab4df678504435e425c3c0ae099874b791573160

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    10b5497b19032eb7979f1c78ee192948

    SHA1

    f6695bf33aefa3db7f7b6d62b018cda34898a882

    SHA256

    6190ea421447207480d3cf243bbfb9ce090b7ca4e57911fe829e9000a53ce948

    SHA512

    516db95aad05877faf4b5bc1d0003b40ba8dee0ec2346327198250e5ff1d43b6c725dfcfdedad48a4091541438725d199a99313a5ec343426290655540f14e6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    44797f099f7c01b5f26046bf940b8574

    SHA1

    001e2de731f22924b4754ae03a4b58024ac6c9a7

    SHA256

    ecd03b35e0132c6084c7761ee423e7c4c43d235cd427a0e342aa5c229488c85f

    SHA512

    9825ab39410fb17d4e70fe23d36f25d4f590af73647b58f4a9c0e05dec549c5208450679dbc1135825e3a708e7fd8a02007006131194bf309c61201387c79705

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6743f7a2b050c8fdfdecc989a18472eb

    SHA1

    5bcb018d8152f4485a78885360acab6bdc932ee8

    SHA256

    c03c4ab8cef3ae591ed738356046138fb08cc177da69e5b971eb82b4a2a80c5b

    SHA512

    f8acfba6be8993b196859cd787748d1cad2f65986b9d7fbc5332ec6405a6e1f64a2e6c148c3cab79eef518a2d056fe833244bdddb8450866690d9e839eb59965

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    377aa53be29de81ed11b41c866826768

    SHA1

    a9e9874eb669cb6a6404e10d11efcf165d212147

    SHA256

    4bbca10fb4bdab3e008cc2861264cff7802e6de0d1f515fcb8bbf2e8b4dea863

    SHA512

    674ee6a5570beae0bd621419d4c3c17cee245104e7b80af2117401580e29985e5e3470b3f76b3550adb8f45b2503aee48a04186806fa5aacbc19a22767a466c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    c1a6923fdea5d2c7bc950cbbf5b14250

    SHA1

    e09c5a6d668a2734455d3f241065845ba7e7694a

    SHA256

    9f16549f13b79e4bec63f9d7cbc58a76854609a651bcfc5e423fa00a540e215c

    SHA512

    f15b0b0ad5e3cc96dcb911097493ee7643d021f3306c851230e2d92cfac116f06d6d92769b5e516fd4a228aa89fd63e9d5f910926fa16d775ec1547b53f0b5ce

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6XUZ2JLF\f[1].txt
    Filesize

    39KB

    MD5

    ba5f93124b258f10af9e80b0866eb69a

    SHA1

    619091a0aedd96f0fbed0abce20d1eb63b49a653

    SHA256

    44f3449089f76c5ec333cab494425e36776c9155fc29c59aea8cbbd3d5ac1625

    SHA512

    cdc8684516a1235ea7f0e7b3833da386ffcd6205a12c2e5eadc0fd0e9dbf419b1a2fae4bbcecbd99bd38eafa3e10d60129412ee0c48d52a0415f03d189459fff

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab78D9.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar79E5.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit