Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

b7266a9cf5...8.html

windows7-x64

3

b7266a9cf5...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    22/08/2024, 09:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b7266a9cf52b368c09c32aaf7456d670_JaffaCakes118.html

  • Size

    23KB

  • MD5

    b7266a9cf52b368c09c32aaf7456d670

  • SHA1

    4ce186ed1f61d78294e2c957e357449b07cfbee9

  • SHA256

    54c582066c5c94b0a87b63756238f0d9576e6109ecb697cbe37159a9fcbef13f

  • SHA512

    d35e51b46b4cbe2d7372b124619751747e4393908c25392d3be292fd7882739c56bc7a57a5420578dd40da09df8fd227e84196ddea51ba324769978ccc8685c8

  • SSDEEP

    192:uWfwb5ngLmmnQjxn5Q/unQietNnPnQOkEntm8nQTbnZnQPCnQtZwMBNqnYnQ7tnU:QQ/9c6

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b7266a9cf52b368c09c32aaf7456d670_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2256
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2256 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1692

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a4ace271f427b192ff5c78c9f22a4b0d

    SHA1

    950f2710f1aa3fc96f75a964aee8642aeb920dc2

    SHA256

    2b80b528bd08b7b65d05a5bedcc5a3b51e5825b552b4dc60e6db22b468db4bf6

    SHA512

    cb1526fe6d9a1b98f321fa46e3710f1cbce1a93f5d0b30ce6c39b09a8be47fe82958de45f43ad2b42f0c19fa4e4e5c8297c8e3b34661f8e22c6922e4d2726c14

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7cacffb3800381312c7ea833134d8082

    SHA1

    30bbfcff5a6285ed33f18d00bfc072f7c73ecfcc

    SHA256

    6dcf27923d69b234bc9b95126272c57e8ccf8831b5f1a49d8344317826aa0d13

    SHA512

    55d98e99637be66be79d006347f4218213f0bbeccd09a9c5974a12012bf5483ebfd33c790933af557823a4d335faf55f33719c58283ce3d4e1c878c9dae24d8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    56459975f07f179f5ef310eda5915f60

    SHA1

    d1bc9742d753a943d04ce92258db4ca590c95b5e

    SHA256

    8b854ddec3d4b0a4df47520bb42d494b367611e49fc836f2675e699dd94f5b35

    SHA512

    2e7445cf3feddd32d471636c1c082a0e3b435583a5e0e1fa6fec6686a83989961dbbd9ac38f053910651e3d2aea6f423914e48f70dc3fa7c3f102e54d1c68997

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b0a7c9bb1aba54da145c07e6e18b299

    SHA1

    ea68ef19c3010d1ffa5f8cc105f6482f1491d0c0

    SHA256

    0f5af2d39fd7f57a30c1726d22479aa1aa16bb86c5de2aaf53fe476d4edde30f

    SHA512

    d6e791f84d5d43abbdbe68a364488788d91c290a0f6a076b1679c5fc80fb95248b4628e46cb227ed33e34a032a47ca0d19f283cb8d5bbd9a39ed861cc098896a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e497c665bc8e5b7be80e1fbd79b6e59f

    SHA1

    16c4944b4d415cfde2329905ff355ca655ece3a6

    SHA256

    6aac3c00d2ea957b8168293217c2e36a611ae503e37a7808317df765196cf7e9

    SHA512

    f7019baa6663b2501b8e9a60c4a92ddbfdb72279e48c0f1f15ed6310c8738f36359dbbf6db8d36d146bfcffe1b5edc8d66a5bc8b83399e468465fc7feb49c86d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aa4acabfde3cb0ad94f61136f2ff4bae

    SHA1

    c1f1a6ed174bc4f67f754bc71c2014dc814539a3

    SHA256

    391e74d811d3a230c9c0763c83ac446e8fc7d88aefb4b1bb4bd7cb452098ff0d

    SHA512

    6263756ff4c4633db8f2e943bfb54b81051dc03410e5959cc04a57e13539a1d754537b2befc3a645a7e0caa725b843250d3923c3244e41cc461675a7c22bfd4c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cb3afaef4da3e7e8136a857c6a081a39

    SHA1

    845d5fcc42d7fde026eac4d73253551fbdb8e949

    SHA256

    b236a9342b6125b9a06fee01d03e59d681e0471b517210892511e5a63f945d99

    SHA512

    6b429304a9598415c372cfbd42dd89e076aafa89d1934555ab09c19c34442bd954fc8d6cbc9e4784a46c142e2b034938f9c328d27633581248abb5bdff2ca93f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2A1D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2AFC.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit