Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

b90f5303d6...8.html

windows7-x64

3

b90f5303d6...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    22/08/2024, 20:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b90f5303d6656cfcee75c70218d37858_JaffaCakes118.html

  • Size

    28KB

  • MD5

    b90f5303d6656cfcee75c70218d37858

  • SHA1

    226d33e917c7c4073677e0fc5ff3832d0279830b

  • SHA256

    61e1c82dd47d1870f745f7a8e9d0728052b7fdbd2f939e6dd43f76794a62a794

  • SHA512

    9b547fae6dac966ee0d34996dac3a5965d3c27498acaa9f5298e6de3b4ad911372fa87fab3e921326ef12e74ac3aa87ef61168a11e04aa3e6e28a2d2408b88c4

  • SSDEEP

    768:ZsS7LILhaeeIqG+M7LK2ukxCb4LhEYfHIkVbqsO5P5jRajQosg0qZKrOTXkwJ8d2:dBpoB

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b90f5303d6656cfcee75c70218d37858_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2672
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2672 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2696

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f7d298ddd12d81ae294b91ab8b014eec

    SHA1

    bdb3f710397c760c4df96902d3b85793bfe4b2dc

    SHA256

    b813c9c76c1917b20bb6f39761975464daff8d3090c1a96e76bd62da78db70bf

    SHA512

    da90a02683934a5d99d6bbdc9ec92b9120f314878ff0f6d31059da22111025cf2a062a2afd85f8d8f35feb13530e9ccead92cd4d794fd12d10264133edfd3b0a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    08529922d8fe6d2978a86f318dd3eb7d

    SHA1

    2f21ec1b98ac8a294b09afc173bf026ad4976420

    SHA256

    f55999456a83dc715e5fa57e0f3e780a0fce789f29d73fd1a6ffb528ab09da59

    SHA512

    3df92ff2f8c0dc0d4cae9051f1c0aa56b5eb4bc4103f85f94c2fa259385523953a3b37925a8d164e0e2c86616f3cb3ea3a8874c94e2a01373a0b29774c2f5203

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7fc5b575bf616bcbb03e407a2d42dfee

    SHA1

    c91d146b710c6c91e9cb4181e63fae592cdab476

    SHA256

    357af75ad349026a5177f6ae56e01b9105d8558f292da38d0934ba386b74013e

    SHA512

    c3dd32401d2979a9a7094611aba36cb17694adf0ea4c671375f9f412bdc50a7860c0dfc294e5404ea7ef960e0f41e2a53e54795c32403e110ac832caaa243d70

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df6ffa1904c3ee7dc1a0c34c8e737926

    SHA1

    a9f20b8220dae140ac03e79e131241e46542beae

    SHA256

    d7058f7e90aa867725cb22e4a3af8deb1dbfccc97e5229b135ce44f2345ae0de

    SHA512

    0b6ff3b1b865e024044c7f5efddfa599d1682a85eac430ebfa49b91400a768ab184577f367ef1f587250a8eedb48d1206bbe3f20a7a75fd7a2cc7fbac7bed76d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2686.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2706.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit