Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

ba7cfc536d...8.html

windows7-x64

3

ba7cfc536d...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    132s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    23/08/2024, 05:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ba7cfc536deef6e31d7a07ff1d67551a_JaffaCakes118.html

  • Size

    5KB

  • MD5

    ba7cfc536deef6e31d7a07ff1d67551a

  • SHA1

    f38cc0e876e5a9a96b1c43dd1d4997a890072e33

  • SHA256

    0631da72973bfffc616eddf7fb880b01ba0d18dbaa58aa2fe516f0e1130dd4c8

  • SHA512

    cc5609d583ffc742e43b1f16cd6194c9896be6e67608fe06ab3611cddb734800a7a43004a4e3113da3c48e01a1db29ba86b58640cdb31dd0f7d405bb409ad75f

  • SSDEEP

    96:Cg2AWBHBDrw9HLkFkP5DAQnstp/Tbc/4ekM8SGbHf8OvGR4yqT:Cg2jl1w9HLjd1nsj7g/4ekM8Jb/8OORa

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ba7cfc536deef6e31d7a07ff1d67551a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2644
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2644 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2800

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b3c09ba2ee65f6a163d075bc366778e1

    SHA1

    ec900b3affc22e390d72919b8ff3e063541fcdef

    SHA256

    045179a7c3495cd26aba330d1c7ab93a4ac910af3f54fe86df745ae74e18faff

    SHA512

    588158a87dfa99da6ebb043d714cd47776ccde05d89603d35d26d4c739831349f5f1018c2dfc20482ad8c2fb1302758f94fd6fa32b3b85204d1c559f3d99a7de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5564c6504f4a886c3430c96fcb451fbd

    SHA1

    86bb6abf9bbdafd2f4760fb5c0bb06fc9de330ba

    SHA256

    e36fa57f51cc7d5abada6ed8e64119c08d728d3fd63c7e9dfe640f724129cae7

    SHA512

    40321097d0f3ffd3fbf4f4b58b76e69a81feeda1cd6676813d59e0783281204fa93134d4cc6cd7a64ac7ff30c5b4599f1c7b3b501e6d485c6a5630f22cd2e172

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eea7b10c95bb19723b7506b4b5c26b06

    SHA1

    6c9d33278679af94972dac1847718c9152bf03b4

    SHA256

    68f2231d0f6da0bba45d7bb5e05a1e23d510a8a171dc801ad670f235e60c55ed

    SHA512

    1356c31032689bbcc4c46829ec9634bbd17f273928b7e48e8b4b378561be7da29078e980bd9d702780ee239ca43e10c2dea694099c00fedc832a8c047a0ba3a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a00fb31d2961332efebe693ed011a424

    SHA1

    6415eef346274c76c296a8e1a4574e82ee59c01b

    SHA256

    721e9b6f3af31d99cccfd2c960cbfc6aaf5c16804d7856125bf39011ae5ee1a9

    SHA512

    c664a2868f87d3d29bd7bdabef82e81ae689164a82a00279aa118a50c48e5bd62755eb0ce5fa51394c2a85b7be45ec5f043d6acef1a8bcf0209254bcb369ae71

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    649d610c4aad0131a8c298dcfe3c169c

    SHA1

    069f2b24508a00abee463294e838955f91e76626

    SHA256

    d5fc5755ee7d78072870e38f09605b131bee04ccb4ff8471126ada067d9099f9

    SHA512

    65a6e93d96955f4f1c0f2d31b86f36690a7fbe3dca5f2f6fd08b49d537f9787a7bcb4ec02c9c84f9041a06559d1988c85dd307369a8634400042f25019f555b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a113d28bfca9361375d2cede68b0c84b

    SHA1

    1ce6314dca8d2f9055c88f8b518cd578a391bc96

    SHA256

    2d52e6082795e9289bf9250da773f55860f0e861fefcd67644afbe84bdb19239

    SHA512

    960cce9043fcb66df75ac9101e40f3feec023cbe4c107912be4ae8481a3510656d0404ba515f8945c735422ba70d98ab34a4be1452568b4a3a44d7302ddccf87

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    85ef076faa8823da5977f508223f6c66

    SHA1

    d90e87d23af1cf2e4d0476b06ae602f8aef3d1cf

    SHA256

    026449101cbf9f07111c25a0da952e2161acdb23b70281b1dafeb091fd039690

    SHA512

    19edf6ddd9228d059d645eb8b4f9867b2fb72835b5f313b91890f86ffcf27d6892a1c39ef22dd46187da94570e79464ffebca74c306aad26fa5bcd0c08cc7b9c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    594a7176ffd89a92113a4401f72568bf

    SHA1

    370d2b93d490c4e807548391aee688d20c2d7536

    SHA256

    440ff5865f2fdf68ddc13efcc99cde6da145b7a1d2b9c45a2f80c925571bdd25

    SHA512

    d429f6847aac0a4f6736c4c9ea5bef5a2d624b84fa721ac8251e01709eef0fe359579576a927a286d8790dd41f00a5aeaf9c86a465fb15c1b15e044709328db5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0eb503ac23b6e019d744a63d503e617b

    SHA1

    0d081c709f13c9f5ee7723604acda89e6d31e12f

    SHA256

    8881199011a0c80f6471746fb44910f95ea1494aebef6d881beec8c641098d37

    SHA512

    0f63adda13056ec4d16efd7ba61f36cfa287f49ce8f68a942e0bc561d67cb6e110028c217d871d69d701fe23548a2fa065741712a069ee1ceb621b0c990ddcb8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0b2639998f35d21f0d5ab8fac72cc0dd

    SHA1

    0d0f732ec9fd79e1642c1c7e9a7df659b9093705

    SHA256

    a39dbe17126b0d023b8b21709d7b3ba9565cf8d5459368a0fbe66507bd15b189

    SHA512

    da9cf167cfad46e67d968bb878efaefa63e796b8a16e3279e14c9e2814d1d0fd3e4a5511d5f01eb4b5a41051ce30507391254b3a37e8a1afee813bd85c87c590

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a37868b21fab0fe911a931e600b97de

    SHA1

    b690bfe5cdbfb3d2a56c95257a0bd1bfae0ec2bc

    SHA256

    89604d48c9eaf1e204150d257c11231a56768d85d6e3095fc197c4fdcc348140

    SHA512

    c90081cce9c072f564e9a3bbad04b8faa759e6d88242c056791a164d456bfcdf0ef43100b4abf1fc1896dea04b83558ef349376d8976c6661ac8d1a52423fa17

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    53e60e4ad28f64376b1d6cb241a575c7

    SHA1

    05021ed9193998d1c5c4f00a53d6dcc7ac13efbb

    SHA256

    6b3fde21daa9a66e4f9268be095997a219bc223b60a609048a64ff3ee59ddda3

    SHA512

    10460a1c5ca4a0b35ea67cec8bb18887e171b6139f470c01d2db274090e794fcf1fc8ec948fd63688e21d40c1c0bedd2cf12597a8ab4ee7d3a293a9eb8f65646

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2fdc1414a4af2d7431df02baa9c7c716

    SHA1

    c016f6220b49f6e4ba6e21694d6c1eb031140f23

    SHA256

    5c556adcc80041cf407497485c118510f13bd0befbd01c3458b9b59ba9418ea0

    SHA512

    04f322a69ee4ff18c83d0720a9454b398eea3cec8bb62faf5e55f084d39d0d7c4d71a78bb4793f162a0bf98a81f254e577fa1bbf43144ef4d1d69a64eb2eb8ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3cceb31e131a242a86e79cfe02cc9b48

    SHA1

    c6011a2d9381c84c2436def37f64ccc9991247a9

    SHA256

    ec95c79e88840fdb4f33d5a8558360dc537378172277664a1b48b92a3d8f2a0b

    SHA512

    3effec0a33aafaae94afcd120fbeba0c6804ebe998fbf560296c6677c0d3bdbc17c4311b0449e8397c93193ab8d565fbac9b1f6737db32667703893e437335e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad1222f60c5217ec7708e402e2669f6a

    SHA1

    3e015c5a5f100aca25dcc3717c57d1cd6df0e669

    SHA256

    db68eed9f00ac1494e459e6c59aaf49762ccf662637bf66362ec4ad5e6480a76

    SHA512

    e5b8aa249c98d832ce87e5b2406c767c9474e8fcf5d170875d7a1e3917e832477c0c957e0c6f5e30d07a9019ce52a4d68c5f101192ec73f1408c04fb5804acc3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ed39ba97d45bd2311f0f2334b23b594

    SHA1

    923bb4ca5d9c1846aa32b54bae13440b0a8cdaf6

    SHA256

    d1790723b52db47c0b928ab0d7deed1fcc0ed19180efabe196c003c45007f813

    SHA512

    c48e84b135564b077a7f9d28d9be1ff8444b2e11332969246dd976ed61cb577b6a83987862365c6e8d1cff3371e6909ea0cc324043bd21c926db353d5721b43b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFD36.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFD58.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit