Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

b96189e2a7...8.html

windows7-x64

3

b96189e2a7...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    144s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    22/08/2024, 22:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b96189e2a7ccffc2fae6a9d1c2faa8f0_JaffaCakes118.html

  • Size

    18KB

  • MD5

    b96189e2a7ccffc2fae6a9d1c2faa8f0

  • SHA1

    0f62bea10ecee3ef5cbf0205c481e7b55790649e

  • SHA256

    2e26b585b29ad3f8448ec5c22960ee35a8cb74b642726dbf3909cf70ce36b126

  • SHA512

    4c596d5e0376c9745ef4efebb22f719a594248e0cce80a2e9434b9f90313eed9ac6700ce5fe7d338ff602476045c8450aa5f9852deba130f7105db8cb2454dbe

  • SSDEEP

    192:VQ5cVZ7oxovwLd554ba08EFhI04YLXar4dWZSj0VuPfKuHciXOdJgU/hLallNK:e5cVZeNzeMt0dWZSj0VuPf0EK

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b96189e2a7ccffc2fae6a9d1c2faa8f0_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2160
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2160 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2836

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ced2dc767238052caa2a4aa0970b177

    SHA1

    7711ea12f8b0b380d353c8391ec2198b7cc313cd

    SHA256

    68b9ae1b58b04ee86f25e1e3bcc83995f19000cadc9276b5196b0c897908d5e4

    SHA512

    411c21004e12b2613f22dfa2b4fd95122f31ea05b1d782e788f95ca6908216480d7130998d01c2243da8ab406716543943ed5f79942e16e7c082f1dff4645ed0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    446251b5020a986ecc37a58517685dcc

    SHA1

    5d4333e72994ddd586d795216737a962d8d5d80a

    SHA256

    2b2d7ca370b878f8b25ac7535a4393081649f571e82f653d01f7e3223c66d155

    SHA512

    036d98abf6841c531d2e96237bb8dd20bc05384988cf533edb03c42bf8a59d911e89dfd5ed9e23b91a2183f5c35064e43b39b516c02ebde5b2dba13956c38bdb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aec4b8b0208bccdb6143fb4b8c6acb5b

    SHA1

    0447c491fec1061aa06d230ccc9747853bcb8ec7

    SHA256

    e5e737ff373a8d912ace8abd1e8daad097baf8a77897cffcd12be760e591d8f6

    SHA512

    dd3aa120ba19f5ea78735441d718f4794beb34cccb1bad438020b162896e6f82f8aa9fe1d13822f4758bb527f31d986c02efd612de5e20ade7f27288e074d4e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3278a1bc7afcbd1561fbc6f20e0d7187

    SHA1

    cb88b5490ca759a36458e8b8d4218ed748533fdc

    SHA256

    404e65e1aa936a116ce513374b46ab84583a8bc86a75eeda74ff1839d5e91183

    SHA512

    cff16bdbd7af42fe98e6a94d1935d25430671b26f6869af80b569a9cb190e79d3563f9fc7bf16013337d41827c291e16646f3091927a07c68703f55a5c1cead7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    52175d8605646dbb16d73cb60ffa48ec

    SHA1

    66fac229ba78fd2effba5a1919079d442ff5cda4

    SHA256

    9d3ab7ec91fe200b143973eeceefafda24d064586f045aa863876cc9a7c3cd28

    SHA512

    be015b2f4aa8e16c27aea412ee85c8476d718f74ead987e2a3b62f8f51c2826aa8d96c42828049e3f2ac93f27ec2bb4ab90ac0f7bf291b317128ae4617341128

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bbe1208809c72590585bb06ed0e68a3b

    SHA1

    25d29a0b3dd1ebbf67f78c26694723dca61e05b5

    SHA256

    2b290415c8770c006fad3fcaf8cb3d734e7432ca6df84c30d732c85598708e72

    SHA512

    2259389039af0a43e61b52e7a30c078bae9bc46656551c51bd2bd1f397aebbc9a0431f3d59e20f883969f17e3a4b98482056e9cb635443bdcd03d09325666261

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba9cf8b883a8e6e8b47f81910c25d182

    SHA1

    0efa5d0ca070fd33c08d477aa0bff9ca3cbf2e15

    SHA256

    8025bfe1d1a293c234fb9f8fbb982a5c74fcdd0d300f9448969f50e94c3104dc

    SHA512

    4d16f81d883888739f6fc7c77c64841826f8b4d83b619ac67a761a557489b292622de95f4f1d12d4d675d3278f394e0411c58defe432cb6614c57bbc386f7cef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d3fb1354cad22f6274c90c9ddd27def

    SHA1

    a7a7ca4557bff3d26dba94cb06814b2f088c0d77

    SHA256

    2e414a1bd9b2f11ad68512a9fbbf2f88d7d4f7d58382d738f8f50e1b90047ef3

    SHA512

    f3236ed5ba96c85c08e26e4715406d3d58b1fe750b944743098616e694ed1aaef5808d9dc379d055747e3d38e6d0308b66a40843e9235f8674ddb556064a8559

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9c1f85cdb1d051e888b139dac0784526

    SHA1

    7450cac8cd511b51da632e7bf7a5d9357c57b6f5

    SHA256

    1872aad4cd16952e2576d65ba7877ae47f5d3591cf2fdb20af2e9eb158ac73fe

    SHA512

    c7d7420c7472391da3f6b9bdd0e404cdc2e4303c33eaa26c696726dc3f36f8e3ea6bfbd4aad37f42600503eedae959b77dd50f0f4807f6fbbf66e07c1fb5afdd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bed1d2eab2b6f83b968fcf0123f15adf

    SHA1

    f314c6baded34f5e68545a03fac85422db6dd07e

    SHA256

    877f7ed8f938ec6386ba6f7a2bed9abb6890a58252780497bdc9fab2d277d9b3

    SHA512

    6f1e1f24e8663cf6a61dde41cef49bc4022d282ab03546dc7135db7fda58d255beea0b1b58802a55b1c9da868bc437350ebdc0c5b4cf9da91e6e646004e32ae7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8559.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8B93.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit