Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

b52b59eff3...8.html

windows7-x64

3

b52b59eff3...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    21/08/2024, 21:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b52b59eff3928aa4c9aedb94a641d4a9_JaffaCakes118.html

  • Size

    9KB

  • MD5

    b52b59eff3928aa4c9aedb94a641d4a9

  • SHA1

    c2ecffc5b89d4dc92b39a3725a7654d7db9cf8d1

  • SHA256

    5f92cb050db398254c57b843a0b66dc4d8bbcd4398a9a5744a06aae0c32734bd

  • SHA512

    bd7de02962fd130a8d8bb95165d4b1965b9fada187590337ca10f793ae3e603f07179b6638f722f0d42a254f659f85fe9603146116031f4eb8dd79dbe3f8676c

  • SSDEEP

    96:BVWM/S9S0slbrsAzWeTfWGulgMV9fSaZfhya8KYxfyYu1rTi+R5V9fzE5NBKN1Po:BVWfEpFWh9fFqq9GBKN1IeWXnAi7ltF1

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b52b59eff3928aa4c9aedb94a641d4a9_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2440
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2440 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2220

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0278b3b65e9825de5cb228165f7915e1

    SHA1

    3a6048e1945beb9f40c157a6599da457f7d10382

    SHA256

    41848cc6fcc31b055d1d5db4a1e6b9115222e00c7fd9428aa824b355d4f147d5

    SHA512

    c46ecd46e7e67f6800d2b17e58a5ed2a9f9613011f38ae6367faf2477925f4d151ded33f412608aead479b52e4dfdf6a8ae1fd52b949dc46bcc393bcffbfc13f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    478e4ed4682ff8ac355611fcd9894a9a

    SHA1

    5b6736495164870dc7a48d52850d15b50c0f0ece

    SHA256

    2a069085376f2b4f5a6a736adfd85190e7a9bf3b65e201fa985e947ff03f2afa

    SHA512

    ceb953ac25554ad92f39c15a05a9533e78852e5c8a8d2842c19af9a205e8192ccb87be08f6eacc397739bbaea4409c944de93f6c318b1d2992734afca32766d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c853b2bd5378fbca768a36f3c5df113

    SHA1

    7ca7096513729d077a566bd50b4b3031968e6c3b

    SHA256

    49c6c90de43ed8934b578ed24b2b541b5291f7831c9af137d313137f8221a874

    SHA512

    4e0986a410dfc69a3beb345ac2d253a22b5726716d9ac15e84e46e5c67105a89934a3b31eae7927206bed9aa43b111890ceef555567a91cf3c10de3641cdd87f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f643142458d6ebc8134c72f37fe20c3b

    SHA1

    65d09a474b8ded28d0fa2b789845b3a30915a2aa

    SHA256

    c255b8ae128986f5039f9a053e3ce5357dd457b68a572a6153431a94be7dc893

    SHA512

    01dc0f41571380547098cf5cafe6eae1ca2ff8a01022bc8ba0ad04018f430f6a3f5e3fc2dff0989c62422049892de8322858bb43f47a7dfd2276a93597495676

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1fa9980ee32e2d816e1c0a2c5eee3f32

    SHA1

    c57b9038e0035be274bc982950fc96481b6a83b5

    SHA256

    85b169f8460df8fb88941c06c0ef9618e2057ebb3d298a78a9cfd3d97033101c

    SHA512

    65bc8a53a59cdcdeea9f21447e6b2137070df586cf68dcbb65bd99002a13642c05ce6d0431ca04a1373f8943d125e6f03097c09f862cb1ebe20c705ee63e12f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5afa2f8d4907734371abf82beb325ec7

    SHA1

    3595dd60c4ff31ee32a102c1e35664f3b185c477

    SHA256

    e9da80b1598ed765823bb6b6413964524d808c9f838a82d671ae6d2f2c40c38c

    SHA512

    5fad5ae90a994d17fb452bdda868ebc4bd627aee0789297264923860e8ebeda8f004a69de486e2af3cb0d376d26a55755d2b1b1142cb4007e32ac14c2af904d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2f7ba38746a6b420a85ac715ef9c371d

    SHA1

    e467927d2e59977ffda0c94643d7fca22b23fcfd

    SHA256

    6c514a9b8a69a454b5bae6c98cd3e28088eca09a4c4fa8e65fe99fdd388542e3

    SHA512

    e06244513bd07ac7252defd80281bff6dfe079ecfcf5abada9969e410822281ae8f6324c794598cca1dbc401b70e8142628265dbb30475d50c23adab37fe7221

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3a76c01b618bc05ff838b19758939d91

    SHA1

    6dca18ebe38ffd1de8d9dfdbc080f1e39924223b

    SHA256

    7d0ae7004ad1d111df89db68872eecb0c08fafb3776affaa4193aaccc19c89b9

    SHA512

    f28d260b0b5f10e945fee3ec791276385b847c598df228a8070fa16ecf79c3d5451d34d4c8216d34dde2e8b6d101967badd91cf685a17d8e65e24e102399df36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be7b663a2ec4d6714cfb585b12271b8e

    SHA1

    a8bc8ca9de542b469db8e851a05b78a1d8c1712d

    SHA256

    11e463197984f70e4e1a3607a62db180cfdd71c22777f55b5baa18d4cf762318

    SHA512

    2cbddf8549ce1d0d2325eefa5ece3f23e7dd9a53314cac47123bdece6d0ab997a081637f414b511883ba98d51d11f9271c833f1c6cedd3719e948c66caffdb5d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df82c2dc0a4cd9e19c564906f8e32b31

    SHA1

    86c62b1695380e1d8aa8137ea87f9f731f0c9c84

    SHA256

    84e5123d238e702f7a41be10d88e6e2914a41be8d5e41542d1de152873ca53c3

    SHA512

    4c3d71dce881f810ae00df578a800e1c75d7880c66992c21b712a88fefff1749e5513fef23f29c300c66b1e47ef0e2831f3af296d325b429076ee11233506753

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC738.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCFB4.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit