Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

b09a2e8f7b...8.html

windows7-x64

3

b09a2e8f7b...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    20/08/2024, 19:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b09a2e8f7b3adcb17b4dcfae75897238_JaffaCakes118.html

  • Size

    229KB

  • MD5

    b09a2e8f7b3adcb17b4dcfae75897238

  • SHA1

    9fbb9d6bf2535f65140af93bbe559b7864b6408d

  • SHA256

    a5b5db8e0dc99185aa9e319c90b94582f3de0bf76385d547dbbe0ea75b9f75b1

  • SHA512

    71b672e1e07c32f235d6935597b38fd466627310573521febb3f6a7a399ea828f24cd59407fd64691b23b2e69e4029287ad4fab2e3ff604b8d0c1efe51cac48e

  • SSDEEP

    3072:SsNM41yfkMY+BES09JXAnyrZalI+YuyfkMY+BES09JXAnyrZalI+YQ:S6MXsMYod+X3oI+YLsMYod+X3oI+YQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b09a2e8f7b3adcb17b4dcfae75897238_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1648
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1648 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2344

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    45b21012c33c0585198185146e81d220

    SHA1

    618250118513caa268ec3c2d56f36f1756608f0c

    SHA256

    8e9f92f45bfcfa350314cf98467049936ee27baf74c391aa63f19a96c72fa6f5

    SHA512

    4116a2783280b94d05156988a6e7f89161cb1afe1497a04c6e7ef20280cf106b60f696d83e29d55aaad6e6defa9171d1352955132c1499496c938ddd6fad8b8e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d15ef33c4ab488b6f584a66182d1efe9

    SHA1

    e026f8ed297c40ba71bb85520186abf060f211bc

    SHA256

    b4def4aa7f217f448467742e98250ee39d643d11b590e0a20600682474dbf04b

    SHA512

    c022c49ea15832e60f7f38d87a659073b96fa775c43df90e5bfc7299073ffc0b96acfd30a5a3bdf5e76735f842bf3ac5fa030d6502a390c0a2849028c39e3d3b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1ce1cbfe095f9506d67d2f8a4f56dd97

    SHA1

    d252f22adc183f8da433821bd53e4709b02e1b93

    SHA256

    8cf2ee6b087d5c500ba269dd12827717348d6399b05cf954ad73f871dd50f9dc

    SHA512

    b41ffd3d74d1a0e75704a841918e5ad4265156535ddd0fef19e6cae773c44a592f0d0eeb0531c06b6e5dccac5264eece5218f0e31010a18e377923a1d3e2e867

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1d13c92234c4527fde2498ead480ba5a

    SHA1

    7c9c21b574fbddb029359ed503cb950064e2722b

    SHA256

    8460e2ce57ccdd6d20248915d7a7b5fb114b0b168b8e11ea021acde7b5fe570c

    SHA512

    fbdf0a374f5c1d2d059b91e94ebaf4455798a80e59f629849dc7ab7a5ba45eff8d000096f522cd5e229d3bcf8aacdac619d1985055a3c46fdf5ffad49a5c3051

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    25af4d7308a86a06a639f3d21343b761

    SHA1

    2929d84cf4ba2edd9e4f2be78968583838aabd9b

    SHA256

    8fe01ebede025858b5dc03fd9b611d7caccdfc2a7c39f6fb0fe9c4edda68800c

    SHA512

    10cb6c79c75d14083b26e779f04034c5903258e9d97eb3135da0b4e91576079825a253c7d9af3dfcf8b77ff57e7ef789b97cb468764b2ad2c633bb25a86d7a56

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aae113be6a109111ebd117bbb21bb7b3

    SHA1

    9ab059f5a30eb8c6a8b579f8bbf1114e4f02e692

    SHA256

    b00b4a820db7609851e170c2f199be11a1419c87ca06ce145d15ddab14ced4e0

    SHA512

    43ec6a4483970980030c90c12027734cbdb79beb7345b4ac4a7b8879d4926095ea3416947db098d2c076fff733cf91fae7d07ce6afb75c77cc5a53f8587e5a7c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    22a5f85a2214cc1bd1672c16a472127b

    SHA1

    69a4a51f9651c73e5691bdf7da3a3f4b99597415

    SHA256

    e80098d1c96b07e213003bc18dac5739ae89319663b574d86c9975c0892f98f5

    SHA512

    de121505abb41d682b2688fc4db3e52f6821c126bf01e2160d8ff2e03f6c5ee04ec5e08d409702174ae9af7b0aeeebf4aac9f8e6b4830365b60bc4a4bf10d150

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a39a6da5da0129874db1c31cd409353

    SHA1

    4ae28db78f5b187c983a9722124f9b786bcd6dbf

    SHA256

    4743e1ed9d2303b78623c4d8fe15d985e3c10bfb575053a54ed6c4c3ee48ccc2

    SHA512

    05596d91197cc2fbdd3cc18290b032c21d40d971fbaf3dad3e49a5fcc615282714e005ea70f49c9e487610d33877adecebdbdd6ad1de6b2b8f7db776d080a49b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC813.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC91F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit