Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

b5abb32f07...8.html

windows7-x64

3

b5abb32f07...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    22/08/2024, 00:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b5abb32f07fdd4a495f8ed05850064d2_JaffaCakes118.html

  • Size

    145KB

  • MD5

    b5abb32f07fdd4a495f8ed05850064d2

  • SHA1

    49c062fbe5f5eea003652e702538b59ee3846b30

  • SHA256

    b31c04b4999aab8f95f03b3edb275e85b6c6fa08a2ced338e508cdf3454942a2

  • SHA512

    7a879464bcd379d2bd6267ffb583f8dc2556452d13199a46d60d01cef18afbd22e2e53f112d9de6364b67ff3acffa67b8ea9360648ecffbadb4067b7b46b3d3c

  • SSDEEP

    3072:5B3sFiu7pcO80B5wKjgYikmI/nyGFd9BI+qHret0:5B3sFiu7mAS5EFJTqb

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b5abb32f07fdd4a495f8ed05850064d2_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2872
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2872 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2464

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    68a678c0f5e56936dc9b990404a52232

    SHA1

    539920ba3d2663b3a31cd4435d1ab7e218eb1967

    SHA256

    a90543a88c560816f3c2c8f0be954c8bbe3056c68575be3be4337e1626d69349

    SHA512

    7a75376d2c46384f6e11d2914a7dda72fb7f0db78e716f4390376297b2f5a95013d5af8a0eba806cd36464faef11e354f78e775829a98a1ce533a3cc578b9cb0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    0928b26116092b3fd1c472bbf571a921

    SHA1

    74cf9e9bb2049153825eafb8b6e655b7a621f496

    SHA256

    ccc616173b2353b5cd93729fbb495356dca726d29904195645061d4fd6997644

    SHA512

    5cb381bd765879c41bd76d547386f649830980868923cef3d50b85f0185a091e1bca5c53832579438f5ef3970aea0bd62cc1c86b0550f0ee22a2d93c18ea07bf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    467f5f12b4559d2b513d8022e72e403f

    SHA1

    849fad6f36d0b47ce6e12bec7cc11fc77a87fe71

    SHA256

    04cce9a6b041387a82820e69a75ec9478f9330a37c742e504b63754427d522f1

    SHA512

    daa5d8046cfd32c39dcbaf71d7cb253ab3be3b3435cb376b2c30ca418c5390e51c490f7ac15bf1f1eb012b6b1a173a463142fdeaea806440902e4b583b86f86a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    bcbf434667e85e40eecaab052056ddb5

    SHA1

    b4b9cd627b252c75832adb07eff3ec871ac01e5c

    SHA256

    f9915caeb97e24563e1dae8850d1beef8d7c8ce66ac46e4663adc964953f88a8

    SHA512

    b1f030a15e14c8acfa55b3d989ed0c51edcc8e098759aeea1af475f0b3d2b5d5ae3647d6d50318d455196db288ee535203b262e9a0695d1b6537a92ded266d95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c584e77e0d800c0c575f5c8e7c4c0177

    SHA1

    dc7e998990dd800d8ed7f1db9632fcff62aae510

    SHA256

    7e4faac35ee8bb80bdc0238ed21c5afdb97a5a2fbb1fdc47ba594a25e1a6d45d

    SHA512

    3ea73694505a4edfd5b784815c7defaa31e9ab95500d13e8dd285dda39432a5c595e01b4492f9b1b87ce92ba94e296060700a75a8e13da68368246d1d2be78d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b929a4a54404149a088d6c882c13fb8f

    SHA1

    4d02cda0165d3f398106fcdff5c069040cb6709c

    SHA256

    a5219a2f5297097db94e158a0196a781a3780ef7c3485c111754e4a381ece060

    SHA512

    6ced1e2e881c459ef8f7ac341b143f32c346b2c3dbaaa01fd36eeac613b90200c713f5b9e7a9ae8ee9b5c5c816f188ce18ca6990982064db0e61eb37ee2b41f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    b17ead79477c1f3bba534a7f2d906436

    SHA1

    a9deb889efd41ab243bac60b1ec4da8573dbfa16

    SHA256

    361772578bd0c5d275be09419e54b4b79fe17f5ef918464a446ef1f8a89a1851

    SHA512

    136cf5949d4b1c8af511f709bfb712c187163d69c3e3f29c411605e125c676d63f87a94cf3589d0f075822163c393d3fb971c06694dc6c1af421bdc5e2faa712

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4MP1SLKR\cb=gapi[3].js
    Filesize

    135KB

    MD5

    cb98a2420cd89f7b7b25807f75543061

    SHA1

    b9bc2a7430debbe52bce03aa3c7916bedfd12e44

    SHA256

    bea369fc5bdd5b9b473441583c46b9939232bf1f98c1cedf6bc2241c4f5068d4

    SHA512

    49ccede4596d1e5640a9c8e8be333f9c18812d58f02b2b15adb54172df1387439e9dc5afc4ccd9d8f0f75f092318bed68d3cd577338e88ef4f9373de8a07c44e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4MP1SLKR\f[1].txt
    Filesize

    39KB

    MD5

    92e21882f1e031f5a59b2e7f2c258694

    SHA1

    f0a1c6414f246fc046756d713b81cc17c40a9f46

    SHA256

    2f41802727ed5f6dc0be1221c95f82b04203fcadc1bca23dc48e2ca0e359d54e

    SHA512

    47002514ad7739404c4ce8f97a131b739ef07a433df5a60ebc019b6e775dc7702f4034686c0d3efd6e435f27e6664754c324bb96052d96f6ad75e0e4427c618d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3FB1.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar44E2.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit