Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

b09b342590...8.html

windows7-x64

3

b09b342590...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    20/08/2024, 19:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b09b3425906f4e809fb36b784a58a353_JaffaCakes118.html

  • Size

    12KB

  • MD5

    b09b3425906f4e809fb36b784a58a353

  • SHA1

    0f949ae9e18322bed5ebea2473317fde1095df5e

  • SHA256

    494e61120613fe32112e38e101e60584e6c011baca3e9c5ee7e38bd6efb98b4e

  • SHA512

    671ab04eccfe91b8e18df3e37eb0a797a192b535ef18a4bf55964d16ca13a42c7523f134448235fc2450adb83f2f0cd0cc980b27188437e68b0dd016862b96a9

  • SSDEEP

    384:sWlIcKVBjIz/gueBdZNnbO0HQ0TmzguLZ:VgXf36xLZ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b09b3425906f4e809fb36b784a58a353_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2268
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2268 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2696

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d97dfa9330629b70af64bf3c35eef333

    SHA1

    47b43b941cc5cb40e467e6bbb1887bdf9d03116e

    SHA256

    471369fc7f819f5d3d75eedbe02e10702ac7827cf7ee840ac46a1700496ae624

    SHA512

    81a280381368b6abb7dfa7da18f18384dbee05d3af86229882a2fe690d465fed50845eaec8d72b08e61e236a6da219240ae6efa32375889ac28af8c36286a65c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d6f77ae8f8b3dae059508af7a780f879

    SHA1

    28d178a2ef82df00b64e9150a7ad2f1d451db757

    SHA256

    4c1abd248ef8ef4806fe1dbe48a3fedd8fff50057f53fa340756cc264959f632

    SHA512

    ba994efda3c9ba8af16f74573c6f68d6051b1e73f5251284d4a0a07c3a0bf759dcee8c33ac3fe61e8e6ae48aa16dada4e4c07e9ca5cb01b6886e8860cab67e9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    37d02389c2bd30739503f1d624a79cb8

    SHA1

    faec7c35a89e07e2e88e0001e4530d5557afc13b

    SHA256

    a876b3f1592bca8c26f752374e6ca657f42c074b9172f461b00f75a11ec97107

    SHA512

    29a140bf7a59d59a1734129942f6c8350b00a2a0f4383b70f11398b4a0756740cc01562e8f954e26672d8d2c0dceac920ed7b516f4b0880fc755a6e89664f10e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1eaf63e7ed8347e91bfcf706d479b157

    SHA1

    592d60ed0ea1a94bc4f17aa8013484fb68e5b099

    SHA256

    30c13270178ec9e7ca75ed814fa0df26c51ca285f6e0c4d90a32bc08312be6d6

    SHA512

    730fd7376c2cd623fc96aeb95457e33dcceec08fc1055489d22d566207320e8e57606f03e443910df3ccde72e83c4b219164c05ff81c20f6e7486b12be1850c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4cf18ebe2118e92a0dc15b73f1829c14

    SHA1

    0c8edb75befb2cb303a995af782d8f79484a6d93

    SHA256

    b8454910a07eea38ff3d666735f5ab37b821c7fc769da49eb14c4ad8ad9eb39c

    SHA512

    dc00cb61131d496bf25a61b2299cda212de6092cb334d42f1a58e4b99dc623271a9b72b945b09b10dc3d20654b7ae91239ce4d0bc57b20751bd271a0704e7bc4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    48fa825cd6df2b38d36f8d0d2f02e587

    SHA1

    06ec2dd6addf5c5a34658dafc6de26b399967ebd

    SHA256

    5d8f9656d9810cbe9c1563999efb1749e1790f804e2752a63a4f22ba76ecfb6f

    SHA512

    6ee1e59022652adecf69afe10e7adab217b4c36ca07e79e17065709fe2fae07cb67e4281511f3ae51006600bb677db31c9cbabe888ec191f436a5bd400414e19

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    38473486bfee406c8312bbe0a6d5cb41

    SHA1

    c2866c4a4d946de321c8819eb4cff38b29a2896d

    SHA256

    b694d7bf3601401e827959b15686d2e3f6acd1233257421d2d169ad3a32b4c91

    SHA512

    33823f04f23d6557dd9bfaafd90a2033e9948811bbecfaab4876e68fced43a6e6f7f2f753fe39c92cd7fd6e506dedce09a9c0e3ce13e5cd71a06237bfc600421

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e6422244a4ca8567309679d06e85e013

    SHA1

    63c24f1ebcbb96b2f2dac584e10aee3ac651e558

    SHA256

    bdb857e50c92c92f452e80ea3fbdfed0571b2a94a2de772c6317535e574a81de

    SHA512

    5d2b4e4d1ab8e688d468bab996cf96d56d5482e88877948cd502ace48205ebd49adbf12541d252f0a12d3e6b6e279c75f7fc821458eb8472a37890f0f278f02f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6c75646512f134d270e06f17005af9b4

    SHA1

    e03e9780b3d589f46f998b55f16eb9df8b32f727

    SHA256

    de3057b241b30e69228c6c3d258adc21d3d9a43d77085ebb44ff1a0e7546dab3

    SHA512

    4c65193e5678fe26eeb7b91a84fb7d00f13d9ce018a3cab911cce3874c58664591e034eb86968d4ed561334290cb32f0303e0c34fcae8ff62a0a8baca938f1ef

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA7D4.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA894.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit