Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

afc90efec9...8.html

windows7-x64

3

afc90efec9...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    20/08/2024, 15:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    afc90efec9844b6fe2eda41247af7e12_JaffaCakes118.html

  • Size

    53KB

  • MD5

    afc90efec9844b6fe2eda41247af7e12

  • SHA1

    33e43aeb454a341b6ec1524e09717460222d7bff

  • SHA256

    2f5e24d524f1b120791071b7a1aae90360fd6c6dcb1aaf9588ae8acbf366998a

  • SHA512

    75049cb7798da5edb5cdcadcf94b988ef7ad0794731dba0be2ea2159b85b0cc2c7f3a8477030e3c55ca9b1c53d7d2b03cc0c802eb54fbdc21a870b99adaaf19f

  • SSDEEP

    1536:CkgUiIakTqGivi+PyUtrunlYh63Nj+q5VyvR0w2AzTICbbgoO/t9M/dNwIUTDmDm:CkgUiIakTqGivi+PyUtrunlYh63Nj+qF

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\afc90efec9844b6fe2eda41247af7e12_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1596
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1596 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2444

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4aed355c88370c6f1bde3eea10ee08b1

    SHA1

    42afd70450f4e21ba162d1781054a1ad005d0ed3

    SHA256

    c85827c4a8c5ab445853f434550faa95565b946e6eb73ddd7413fc99dc3b7f54

    SHA512

    3f2ab7333077a04bcc2de7e4481869ba364c4d7df29eefbb85fd8934e3abe4462d266838ac037dc540475ac2926a83966a3429d74c3dd51312b1019dc9a03665

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    566cd1150b1058e86502eea1ff0f5137

    SHA1

    df9480ea7eee2e681c7f2196dc954ec81e5f3250

    SHA256

    dca2f2b2c410bfebcd7fc899e55bf2b843a982532ffaef91426d72e031e2cb16

    SHA512

    86f02c23ac4ca081e2fdcde136eb259e85c2894a41f913c2dbecbd79a498f0884f2b07d01dd88b20e3be6f4768f3ad8fd8f799492d642c628013bd5c1163a3bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e39148bab7b400215214a65985b8de0a

    SHA1

    6fa92a9a4da0fca48493e2bc8f7bb0f2593661df

    SHA256

    6693a26a9d337428706f2b0020f82c03b3aac76aae836cffb11991db85a7d9aa

    SHA512

    1b125060fa4f4fdb3d336ad089f4b5b2fa69e21a65815ed4584735f53753551e95ed91f577ba97a519bf0e84354de3518bb60b33963d69d2e4f8f6b918175932

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    029480e81c073c2fd235aab40e5d0d21

    SHA1

    51dd71891ece498f5f953ee76a0bdef5eed291c6

    SHA256

    4f0d1f7b3ec72c577da1e9ba35b4b4ce576178990d9f6d762f7e67340ca97593

    SHA512

    a097cb9fa6fc6d6eecc5b1af683f1a1d81fe9d2df4525c361e591fac361179ca7e861a4bf0816b5cb101abd64518ccaffdaab6c15d77d5950534b047812642af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6699a3a2a5e65a03eff3eb733c867d1f

    SHA1

    11fd5cda9cc0bb95ea07296fcdbf8fa8cccaa8eb

    SHA256

    2af918d0e2dc425c85615e9c10d3c049147e19d6a361d8b51528fb563c0d76be

    SHA512

    8a9caa8c24f82b424f4dda580872dea6b83579e17626a1b745f8756939d9644b3ac646d4e5c241bb9fa3430f4b7efff2882b71832347a0f4b1b540f55fa50da7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    944237edaa1da6c4348f3d8d55c4c87a

    SHA1

    7d6e0006c45bb5f3b59308217fb4f73c202728ef

    SHA256

    d669b5182104be5e0f08cec47d436bb5e99bd3f9f43ca2c4fe55251a750309ff

    SHA512

    4e8e8f608b0d3f9f1dfdfe7be2aa0c4f35ac680934686a5430e077a69734221534d8edb3cd9a61daa50e4345334c689f713ff0b8fc4fdc8447882bfc06b05e89

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HNGGU6NJ\wt-logo[1].htm
    Filesize

    706B

    MD5

    67f3a5933c17b3ab044826d3927d0ba9

    SHA1

    5957076d09bacaa6db8ddc832b4fd87ed8f05f8a

    SHA256

    97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64

    SHA512

    03ba224055ffdbf32b7eea30c764dc18d66cc6d8707dc5fafab74e155b0bb3d4d691c5788b033a68f05299547297125122778fa7e3252f93e7343d918936643e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDB91.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE47B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit