Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

bd4b827411...8.html

windows7-x64

3

bd4b827411...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    145s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    23/08/2024, 21:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bd4b82741186e45d9ff809654c736c99_JaffaCakes118.html

  • Size

    11KB

  • MD5

    bd4b82741186e45d9ff809654c736c99

  • SHA1

    f1e9add1a9718bf1a41edb17d3babb66e63ec542

  • SHA256

    7908e6251cfb9022cb8b4ccc581278f8960cd1f110ab1007eb48af0eab069b8a

  • SHA512

    ab7d9a2f902bcfdf4b0fb8866ee9988e6e578ad48b2752312d3e72d44fdc86570dd41ef052d53a8138dc33ef58ffd266c3e32bf71e1c1e47a984b4c7fe62ffde

  • SSDEEP

    192:Q0So/oVV4gDuFFMIdAmkbfll1K86HNNArDNZPtf4isVhNzrX7JA/EBalY9rRy2i2:J/oIA8DiERy2/wLqHA2OmSxtLQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bd4b82741186e45d9ff809654c736c99_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2336
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2336 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3004

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d9f49b5ffb3d9ac58a3c4ece6645bd37

    SHA1

    b885a320eae9ef6a26c07d84e4f0f5f2a4d2a4cf

    SHA256

    0f08b405013ade2c948d89346c594a0a5cb37c1d52c20920b4951930b82a17c5

    SHA512

    09afa3fe636994476f96315f7be6779cfdab83a6584ed1da04aefcdcff33b0b40acef2794727e7cfd216c8f63f5b70d30b923381fa9aafaba187077c4a7689ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    865339ac929b5c05885a322a3c2f416f

    SHA1

    cd14b3ccc5128f98f67504f719b632f70009667d

    SHA256

    9df7004cbd638b9397131c5363890fb09e40ba23ffeb194c669efb6de953e2ea

    SHA512

    55974a97ca3f3f9f7f2bf20ef98eeda72d0ae827b760a216059a079c6d23dd09d1da7bc98b5533189e2e5629195b184efd7894b8bd24314a538b109bd26edd39

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0da62bc518c618eeec51ddebf20ce03a

    SHA1

    7328afdfd06937f770d8df8169b336a080dac4b3

    SHA256

    155ae0acd8bac250d082207448ce30dc4649d3fe10515166334586fc583e303c

    SHA512

    6e3483386ca44883c0267d560584f33949f6dfec40188f658efad47f1971fefafc8505fde83901d43b68c84f5c89d048e6b36462aac415c4afdaad0d9f6961f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a683f37b5b2a71701cd0624b99ebcb24

    SHA1

    8f2b7401763c9d12ea81102996a36da5c40812a0

    SHA256

    1abb596243d5d28c935b2b0af2db9a8849d32efaf0447a70a97a367c7cb846b3

    SHA512

    956f5ef123ded5665b4ae10c530bcb8c9b4344d723f565362f91ab6f2a0baf3318e3507ef3489a2d62e27b4c4a73e0f56c318b99e66d3eb8e85a0371ce5642e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa99de7f68e88e3749ddf6b0f8f491ec

    SHA1

    730ee4e70cfabcbe99d8409264b3e294277e34f7

    SHA256

    5d0342087856e1ce0a2d7ae80538fe8b19370e1233a24edb131687170b8194d0

    SHA512

    8a524e795aa1f41dacc3e8e604d50e48371d284f5086df5fd927f48210cc94cdf24a4b345e1d2ddac6198d28160c338958cc751a9605576ad4e4aaea370a4d54

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB51F.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB59F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit