Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

b8053a9bdb...8.html

windows7-x64

3

b8053a9bdb...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    22/08/2024, 14:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b8053a9bdb9d4a3b35218568ad2aebd6_JaffaCakes118.html

  • Size

    33KB

  • MD5

    b8053a9bdb9d4a3b35218568ad2aebd6

  • SHA1

    92e9c95d3d33977200ce110f53cdcc385f795a3d

  • SHA256

    c10d094737666be8b804b810a11e99fd177c5ac6b4a36d02157158ebb4b47f20

  • SHA512

    ee814fc60da7ac2f462d0b59ce30b5be56f117f0184331c5c4e1125e6c3d775ab8eb7661c2f8df1162d4c1370b73ef0338482e33b416501ff13068f6118f1227

  • SSDEEP

    768:QQqL81D/eAi4Rdnimaqx289DzRA5eVtRAi49YSLNG89De3A1u489D83AWiEXW3AJ:QQqL81D/eAi4Rdni89DzRA5eVtRAi4Pb

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b8053a9bdb9d4a3b35218568ad2aebd6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2632
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2632 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2652

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4FA45AE1010E09657982D8D28B3BD38E_BE32D9F1882B93E37445F58E05C44495
    Filesize

    472B

    MD5

    e0c50d942eb3dcfacb16e473499e4f82

    SHA1

    89bee907b2f535a4b1e6d29ff135320da0981965

    SHA256

    63897126b3840d76366b12a3a096f47131f3b34aa5c240b66bb10d2667128d1d

    SHA512

    4d61ff961af4c28bce0002571da13606b8515a164753f924e863ea59a7bab79a2a18cb8356fa69014d33c014c47811b0f5e98a63b561738bab7c1f875b0e1be6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    2fe133ec1003c65b43e8979e4196746a

    SHA1

    7b7076059c94296f8ddde3e591c17510e5ed7c7f

    SHA256

    b623a41ff4bc52bb8e4ddea7fc14546eadb95096b1f7674f4aec21aa6ba68c13

    SHA512

    d2bb9f49598a63316f3cd95e40e14bf519f836c76ee0b2f7674905166cf098b4004349ac65ffc659f64f1c3baad0d58b313fdc72374e1d75bb00149b93a30714

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4FA45AE1010E09657982D8D28B3BD38E_BE32D9F1882B93E37445F58E05C44495
    Filesize

    398B

    MD5

    d88c1f20d5dcbc8d4ea9fdae9a431f87

    SHA1

    17e4e0868c3134d684ceb29281e150b7ba84527a

    SHA256

    98720ff8ba6d6535d4658d46682ea1cddf2ec3200e5e897334ab1fb4d3f5bc0b

    SHA512

    83d4fd37ece4fd8d6751d5ed4e731276c103d8e68065fd2032301bebab7f636e9af460026222136ddf893be972a0ca519e095aa2fdcaf836a791091c72a18670

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a25fdc628f7df92a20c493e55d3bc53f

    SHA1

    cf7969f8278ef1ad195d0e871da40f72fbc03a6a

    SHA256

    103231b56672aff7df7842afc0f529d6ada2e1cd5f46b5ba9575f2946db480b0

    SHA512

    0064aa6ff203f070d69141a48beec926f4d8de54f1a5e7fd6e6e997523a440e666656ca6c4c3e6b7933c708a195c05936288300b427e95b23bff7adc13b7b5cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c9d381f34f36f051870cae4e97e68c03

    SHA1

    d0f297af115b79951ca7a6e4e1f37dc5e93521fa

    SHA256

    fcddd3b8b7bb52edf396a6262dafd58d29c931231519b362bd03b60d15121058

    SHA512

    48aa626b40c5534ef7c96ee07f65731b661f2f65bd6624ccf6f572394f76772d2e0f5b8c08822ef16794a54ae3f978b184e7cb232d3b17f9f3e83c8030ef8807

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    af37cde5374415d0ba7073a95e47765d

    SHA1

    e75d37ff46adcc5e59df0d5b62326ba6a7d7f3ee

    SHA256

    8a87002565439281c2e40824376ab10278b68dc0936b6003fb6bc57fbbdaede1

    SHA512

    725e1a761493f519027be75c2fc5bf57552e3c7cfc95c937c542453a89cc8072d38468e546040a83073d375dfe32a2a6c98848047c1c4848deae90381808a553

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a06f8f83e3c2fd98ea549f3820993a06

    SHA1

    dc2b656f949659fb96b459edae67e3567c662882

    SHA256

    7606ca0d72c1b1d744986b8d8f048b4f47f92a52be3b6150fcf969aea68fbf55

    SHA512

    8e82fa928fbb2896e211f77517f2808e7871772743b3f5633d5eb32cb96500180772e215d889430efbf892dbefdd7f4151624a5162a3fc785153be8c120cd430

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    469b5957ffdc8e114a22d7a6b2bedf70

    SHA1

    17bae93b0f5ddafed3382907eb63d050c47bc16e

    SHA256

    5987356f00f9dbeda4f70784fbfb3a74fac0e7cbd0957357f932d6e01a9b0899

    SHA512

    bcccc9e1c448560aee904e7ad8d8f75c8f4fe277308d206420d5164d4842e5e2b6307358d86bd86e97b58a685828841598d795f964c61cbd3b4f28dce557fc41

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF8B2.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFB34.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit