Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

b6254a4b05...8.html

windows7-x64

3

b6254a4b05...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    22/08/2024, 03:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b6254a4b05062e01f73fb4143e9db3ad_JaffaCakes118.html

  • Size

    190KB

  • MD5

    b6254a4b05062e01f73fb4143e9db3ad

  • SHA1

    d2bc72fe949327fed0a0ab2fc84aa76bbd46a352

  • SHA256

    61bdff4e1581023d89243358434e2bc01eb8c6206ccc5348d1a01f6756888f78

  • SHA512

    d93b532b7f0dbc99654ff416e2557933cd78993080d39e78d3c9d4a9518ca6005899163de648fc5399540bd3dc27051ea6437c22552f94741bbe1ac4c63c8d1a

  • SSDEEP

    3072:eunbzyfkMY+BES09JXAnyrZalI+Y6XXI6EyA8:eWWsMYod+X3oI+YS1tA8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b6254a4b05062e01f73fb4143e9db3ad_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2316
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2316 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1912

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bfce2ad6d2291d01c1cdfeb1f90d25aa

    SHA1

    7b13f4464fc9e800817796fef79297c6907d434c

    SHA256

    1c951a2c4b5d7eefa6e04e4b3a5b608fdd581c0d55fd23f83f5c0e5af69fe130

    SHA512

    afac5115088ad8668a47fa26e0b11da74b554d59d441d4703321b5b657997e83c79faa92619ba5284f371e0484ef0adc373e67f406c5d32f415f3e11ab864d69

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    78171172e7a33d2f6021b7eae83271af

    SHA1

    8a84f41fdab178244f916aa030c8297669dd015e

    SHA256

    e8010be76746c57a77e55b1a1013880222f3d245406c5c72674584a2468e9bdd

    SHA512

    17deae3476dcf4f2682bed6f25f0f183fe8e693077964b64e1cca7a47c6af965f3b870137477b13053a24092512f4e3d15589ed2dbb8da84aea1d95b874e4bd1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f33955c5917f0a8fd1e4a8481fd676f3

    SHA1

    1c060acce3ef203095556e2ee094d324a43eb73e

    SHA256

    2078d8dd2bfa9522341a99a0ae6ae675f2dde1eae3d350922002a5a85fc3a990

    SHA512

    c5e17e3c30e8de427799dc1c8334a0b26dc9a4bc873f21b95f85f083f963ce4061d6f95171c7c4409875c55bc50d1ede0b0300fb7a8b232b1ab9a74555e9d7b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c51625a13adb031f11ac0772ae615032

    SHA1

    2c79c617d8fe746b440a24ce9771367493947642

    SHA256

    c0b3683f40d6f5c8e5e88f868e91e18e3f032135d6593f79066867e5efe51d62

    SHA512

    41dc2a7e7f6ee250a2db457f6a4a1f438c2ac9199ccd7a12651dbb28ff60297d6aa527f2776850e7a932fac659331a04e62337728010c70b93e960204f4c34f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    04a8ff2abb1af2c62d6e3127e7d34540

    SHA1

    8c428906d5a8c561b9736805895bb85f5b1c36f2

    SHA256

    5b7e37d84ada30dc981be979b698d794723a82202bc88b3056b1208a3116d7d1

    SHA512

    ec38f9f0b215b6910089774bfa627e0b628fc88227cb03a563e6bc7681c952904f8de924b035e4a7598e7d9b9e0a6a513c5b2a23c07102518a24bb52ac54cf65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5bef5517519661af4ca944f4473e6238

    SHA1

    51b454d98731b2d063c6e60abe935adf4094ad81

    SHA256

    623c1abc6a784637832fb58792b050ae60068c33deb954a29d17d0c9b5371db1

    SHA512

    1c51d868bb9e5204042abd7b5355cc65d25183ceec26d2ee8462fcfbb29a6ecc4a1f00c5fd879c8c54f8577faf504b1b631d955a94ded010af601c17330aba9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    221b97f98aea4cf07abbbb7a5174f675

    SHA1

    ade6e5fa88c8846b6677b66b1588c9bf0cc75dc3

    SHA256

    4b38f05175e82831b8787c7e0ccf81c5e76679cee659cf9318fe1488adfa3698

    SHA512

    9ed0524e0a77b1a780e9cb50d93681991c3ae8f2043923191a8f69f87e46be3ecfb764ad3610718efdc58ba745eec4914ad4647a89c18edf7a13c9e76b914aae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1a8379b077e535f04bff094a27c3886f

    SHA1

    dc3f0907f4fb47757c1e4801c5e347162e6e1ad9

    SHA256

    65bd06abb503b706a9861698e849cebc720e5de0e756889e5f7e28a5acabfa60

    SHA512

    812ed97c1ddf1936886fadde57cf45320c9d1f8f69f39f0cfa6144db18f17757beb8c225ac6d16c488dff0cbf074b670465593409b7fd012290d464e8989e1fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a37e1d54c6bee5688f5a9a525c5f5907

    SHA1

    f5e3f449424a57542fe46d9037195759c5e9b5c2

    SHA256

    8b61142dec1759777b9ddfa49d993c41635f4fcc511c9067985ac5755c807db8

    SHA512

    b77dc1a404c4470a2b87ebc9faed20e5ea470cac12aaab863de7c377e8d763bac4241ec657e1f71ae6b101038e23151dc9741480cd3433f83917ff19f21a4fd3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFBDF.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFBF2.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit