Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

bcad72c76c...8.html

windows7-x64

3

bcad72c76c...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    23/08/2024, 18:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bcad72c76c24b5ec8622a20c3f7e4935_JaffaCakes118.html

  • Size

    74KB

  • MD5

    bcad72c76c24b5ec8622a20c3f7e4935

  • SHA1

    18dc211704d373cd41f8e5ada2789c60f89dbd15

  • SHA256

    678308bb200f654a79fc93ce92247161cd3734fb5306e91e9cb9194548a3e6fd

  • SHA512

    fc1449d0df09bb584f9dd4fd54ead5c3a03cb4ccb39b19a9d509d21b9aad9759e1016f5fd90d714415530e15fd504fc655014b05da13a8c873aa638b860f4a06

  • SSDEEP

    768:XEqGY/ppj9QGyjzCGIEzFG7XRIpOMwF4n70pTk1FsuVbLXQKiIwG6CQuVcphrl3P:iCZh

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bcad72c76c24b5ec8622a20c3f7e4935_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:308
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:308 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1352

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    41acefbd4e12e59a32cc4f2f84b7c579

    SHA1

    06d544434f0ae65ca6e2f98ac9b2406e402fb327

    SHA256

    27a227cc5a98c0b0613c260601d2f7e0f587e255966784dd51dc66fa2e739c47

    SHA512

    aebeb53a2e80ba1fa9642d7d7d94991a82550a732f3c4a23795ca3bae364d228e8f8ccdd43730dd031f5ce3fbec464d968f052f3ca4e64c5ad2e59f9ed402906

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4a6325f49043d632f0dde63da6f55b27

    SHA1

    4ffd6718fa44ef7fd3e1229ce31ee73b6812adc9

    SHA256

    32f7832ec52a95488d99fb6433ea73159b3c718df84c16d6a627d8badb3f026c

    SHA512

    7f56a800e9369c6239a3ff0bf4da36d0c6be601fc77452c46519ece70d2970431e4c3c6e90041e711d44cbcfe2db044f33fecaa96abd1f0729fad1a45a1f2707

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    e6b3803cb7c9182a8526e64fe7a9740e

    SHA1

    f9f49b12a46e35b73663279e466d68fe7b356ba8

    SHA256

    3c095e22169bfabf11f789cc1b6afe152ebaafacf7262920420312e857822ddf

    SHA512

    11000379dade3fe5a8834920b86dd448338e30a12bed3cdeaf5d42f21b55da06d8d64514b6ec745b2935c8ef63a1410cdeaa89b7dd850e58b573144e1e2f6184

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    ddf1669202c2c861bc7b1d03bbcbf275

    SHA1

    03e33cd735a27d1305adb579aca4b97523dba28c

    SHA256

    cfb184143a3ac7834b643175eb84a1db59843abdc2f66f9e9fb7a514bc66721f

    SHA512

    c9724687bd8dc2b4ac4a795d82a888d892f6c981fd2deeb4ea3731f9065c9d82db039605c3c897c7eeeceeb351683f068c2aeb9ce20187337d8bb7d786d056d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9996dca1e4a8fb18e88c42cd009201e8

    SHA1

    6fc8521e21bb1a6d4a64ff2ca8569a46e2fcfe10

    SHA256

    1a8b6ec46efbeaeb21426be0b61fe3649812fa5b097acf2375ac1ab745a1b1cf

    SHA512

    f9ac8afdced106990f15ec7072b6e75d5328fa3ef7f24f00808243676dd6e8699afa8d1ced3e778fd51334737bd0144050b7b35e9613e4ad98e82e8ea79ac084

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4a662537cc29e2e1067dcf8dd158d007

    SHA1

    9beab62a0d2d51d57061877ea4452ca7e4d121df

    SHA256

    815fac6a2c7225af8588cbd465ff186dde8b61aad94b82ec1e905f8cb7e7d6d4

    SHA512

    cf198fceaea7c7354e5fb93e29a61895ef49031ff0b9b58cccb096b28a3da2138dcc95537aad43dc67fda30059db1594b5cbec5da9cb3b30495221d74d4d4361

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    db6a023df267b4f9233db22f47f25dad

    SHA1

    665a539ea2af5e8aad805569e3ede4f376698914

    SHA256

    00d4379ac94d1ec7410493c433b09b2b6c8f61f78c17eff1f19f2490386891a7

    SHA512

    0aed9664d12da34a3e74bb5a2ed162647896187e5c01ebe3a2e3d4acd11bfd85ac550aabe0c94b08cfd23ce5d23555c9eaa0bf495fab2c76936eef0019aeafa6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    609f8de9e19f20af86a2eeabafc2d6f7

    SHA1

    b339a0abd4b366d5699d3ae3d612e570cc605406

    SHA256

    80ca215bd266f7100d33b12972c799cb8411ab94a44b1e57af0ff406e09b755b

    SHA512

    c3e339b10e210ffcdc3ba6ac9159ae557318794e953be040b75b9c1a1aeb5b2d00c91298f787bbea69242b8582a8076b01c3292929dd5ca9df329f8b3af5dcbf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c227096943a349e730ad551328d8ddcd

    SHA1

    c5acf6f48d7ae7a6032c06b5a8abeef61cb5b0bc

    SHA256

    9f037b68df783931a262c5fb21a3f014a0ce40ec5d3795419ce6bebb1ae33aa9

    SHA512

    ca7f9df947ce11611591769a22d47f635ce1ebb03b2541066f55d0c10a4d5d00db9aff1fad07ab0a4425d07a654630ca450aff7ea6cd1141ec535aa2c5a18110

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a4cee68f8f77568fa4079d5e6224033a

    SHA1

    55e25c6d9dd601ceaede321214395122330a394b

    SHA256

    d3def8c448c1b296b81e01b3c531908bf561e2ea43febe54d99f2c2e6f919d4f

    SHA512

    7c4a4e6190714e8fb83ba4fea1334462012e3bb08ac11885a0ac56575f99e79a0db67f77bdd78b5173e5cda87659c4d00c4ceaf2b8c5712cb45036366652a45c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    97410b43850bfe6e5ec8536af42f7777

    SHA1

    95ab044a4d82a1d9af6b4fae97ba5bd5de8f30d3

    SHA256

    e231f9242001a5ef5187a7d57e40bc3ad3d0392c3d6267f1bace5ec08f65add6

    SHA512

    3ab8895ee7d19e80ce3433e81decc42be20735d74031db288ea6c4b226e160b03f798b793f8f6f34600c62bdcb3175be75c8e9ba991a2780e358a3010a6a969f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    de130558fd3cfea5cf14773508b7b2bb

    SHA1

    b3a30a75fe12efd62225ffde18417e9ec47d1bbe

    SHA256

    a9eea3128e2e8e21b39ab5c9cdb7c638e7ee94f66156b8c4c6458950617a65e5

    SHA512

    72a3bb1edc629acc4c7a9130b6814e5ac3f1271614b6f1ee5eefe66ef1dcfe875b98d71528a431d223df4e84f3ac4e4d68cd86e20f8ea57e01f8c95cafdb5c87

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC04.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCF2.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit