Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

b6e600dbab...8.html

windows7-x64

3

b6e600dbab...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    22/08/2024, 07:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b6e600dbabbca27ac4a263d3f0492f94_JaffaCakes118.html

  • Size

    12KB

  • MD5

    b6e600dbabbca27ac4a263d3f0492f94

  • SHA1

    35f150b418d43a79dd48bfc52d44a8afdd8fb7df

  • SHA256

    149d9ebd71efedb8697fe5add8a4985556b821aa4a3aa8f153389b26ab7870b5

  • SHA512

    d29383eea31b77bb2fd83c4c7ff6853bc9e163eecd39d5a2ce2416da90ee6d48af3ea4f83ddb3814970503ed39b9424ee14ec5034d8fd053e952c449913c7959

  • SSDEEP

    384:ehpxXLge+6CXvOrS0+KseSr8Ro8Nnw4bC:ehDprS0OoRo8Bw4bC

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b6e600dbabbca27ac4a263d3f0492f94_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1984
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1984 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2768

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c3e1ecbd4a92f93db2cd8da3899cf97e

    SHA1

    97e98c30ee331d4e710c5e51903a61294e549fcc

    SHA256

    4e9b011c1de00279c86080eec7ed7de9b9a12267d1c91af9abc2f29ca03fec3b

    SHA512

    bcfa1e144db0f0730b32978e96123fc700abea2b18949228cb2d0e480aa4798d154916554beee79e8a21d975d0bf93a0996421daa83b7a1d66f80d914019de5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    87d8f22d599ff25291e8977bd688aa28

    SHA1

    178f5074a7bd6117717979abaf559d73248025a6

    SHA256

    07cc96a12108ef493c9d55e69aae0b486b2add4e564de612938b5eab13db1ad5

    SHA512

    465fb4d0c10b0f737d86a1a65017a8e599ea1b3df80a973189fbbeb4a568322577bc36e38ac5bdaf039f896c8cca8351f5672d9ab8fc48fc4227eb2cd2bd5629

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a891bc31b78d42c2cc37498483d24960

    SHA1

    803933966a380ee4e0b66d99b924e72b9d9f9478

    SHA256

    054726a649a8160ae3d80afb0d14fbb7a3a9baca77c9442434bff0dd74d8f35c

    SHA512

    72636fb9706f6c571ae522c9412894df19f504e4ce0766fa5a27f31095c19d48a6d1d9cddbb3301ff9b563d7ac6fa898ee48304058aa4fcfb192bd202238971f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2f933c8ccdb4dd4b6ed9ad8396c8b949

    SHA1

    ba179551cf342909a7cb43f5b2d95a4cfdf88dba

    SHA256

    a9fef1e5fb44b95bf862e61d129cb8c85eda91913193b1e56ca50b1c0f517dd2

    SHA512

    884d6369ce403f1a86ef2d485a9a2b10e8601b39ece992c39d6c90f73d576425abca5d43219e96fe06827d88c407f150fa82aa615619599febea5f8a57cf2b84

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8238d9b6c5227794e3a6e00a80e28210

    SHA1

    76d37570b0aecfddc305784f886830e91d0dfd6a

    SHA256

    c278ee248a288509463d42a92136e2e34c31723bcae819c52fa64fcc25cf589c

    SHA512

    6842af26d4a28bb61673e62add0376498ba127c9810c72d03e94fcddab9f25c0241a01706f2c04d7fdd39aa048f955d4a13e7ae30feef3d4971b90468fdd6593

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1748334c345b7e3c91b4ea0ff61d6bb3

    SHA1

    a1d94be2185b77e8a6b850ee2c5a22326b2c972e

    SHA256

    c47cbe28748f1cd824b9596e42231d8b8aa2fc1940c18fc63cfb8c22fa1c4900

    SHA512

    03d072befcaed9d762fc728713ffe075627883697d31b1584dd2604cf2a32ffe40884a80ab11881a5821cec4092d8afe5ed2f0880d48cccc121cc771722903d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4eaaeced4bc47112e097db6993c08553

    SHA1

    8ea7afff7a5029541754b2f59be0c6e59b4576f8

    SHA256

    1d9783824d82ff4b0126c7cd59af90a85fa47eb68032774d8767b02bbc4116c8

    SHA512

    bd8b2de0653d5f8b97bce7b4d675448827455f5f11ae5085ade74f7b83cb79d630e0d690d8a6a4fcad5433ddb8c623f2b98d1236ba5dae6691710864e1a51eaf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7c73b73cdcc458edbac3af87d6261337

    SHA1

    46da5521e6d0f5a3057c6638c82b97af2f827c2a

    SHA256

    b88b4908b6e609f5b2c17b051049b7644f06121c82ded8e00a536f2ca4b57abc

    SHA512

    353a6b76576c3b69dc34461f20312eba222af47a600d61b98dfca35816ff882429bac33339a7b932f49055ab139204fee81c10d54523514b8c8dc76df6dd3c68

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    51635cc27f5c89fdea58166065fefa5c

    SHA1

    eb659c4aaa5f1d350d46a6ef703aa5ec75470b2f

    SHA256

    ed94692900c1e8c7216ee2b14a76c5578af43c113e0651959ada245a76b6bd14

    SHA512

    11a527d5b14289a3e7cd8645511b8f7940afa66c765f23675aa953d04e6a5bfe5c83690b440aa8f11ae9a9281cd52e818ade6fe6755a05c2ed8ad5a56207c362

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    83a065148adeac7b9f43f1d47573a380

    SHA1

    97b407accc528c9e94ece2c4ada797c8084fe0c5

    SHA256

    9b3b9fa8e2958c652d1c29d3226875405c3eb4295901fc7cbb75e9cd3ff5f3d7

    SHA512

    3288a3904d1f1bc4d7649fb99b184a654bc292c268d095819f92058306f157bb77858f176004f6c85e6452987b2c462256794080dd444a0f1c6337be1a8b0c72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    baa47d65885ef141183910dadbeededd

    SHA1

    014804f15b8f20783cb25df72b14a2ae2d9f21ea

    SHA256

    cc00e1afaafaf73efaeede7338931419604d750ddba529bf602afd4ce1ee6d14

    SHA512

    c2fbb178b67bc81e58fcc9aea05bc3970bb7e6b78e7dc7f74f36b93e8ece750da416877c8f71099f5851514ae6b3d40ff84689367cab192f46a39c35c16b4253

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c638c0538aedc0472320c380f4444397

    SHA1

    fb6d40cd9004312ba8bdc9d6dcaab07686e1ec26

    SHA256

    2bb7703d64facd52e7b5a95ce9728ab49f7bf08f739a17b0076c08ddffe9bde6

    SHA512

    bf81965bb4dcb97935aed6af5398becffcee8d595873824e9a15c42ab2b7e845f613006c7fcf48a006fead77a42198db8e655e45628ebde1c02a90381d6ada42

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAB11.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarABB0.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit