Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

bf9863d7b9...8.html

windows7-x64

3

bf9863d7b9...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    24/08/2024, 22:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bf9863d7b9b219708ab735c2e21751d9_JaffaCakes118.html

  • Size

    53KB

  • MD5

    bf9863d7b9b219708ab735c2e21751d9

  • SHA1

    3a0ebe74a86981790f7d3977a70bb643332517a9

  • SHA256

    14b66cd36a1ed3b6ac751ef306cb6ef069f4fa972818fcf8bff4c49253e3eaa8

  • SHA512

    49566c058fed4c24a4a5170b2708a34ce7aab4b671b2fc8458819617c7629b686527bdf30255ac06f8b5a54ba43407697d59763cededa6c28c4e81b971177fa2

  • SSDEEP

    1536:CkgUiIakTqGivi+PyUbrunlY863Nj+q5VyvR0w2AzTICbbnoB/t9M/dNwIUEDmDi:CkgUiIakTqGivi+PyUbrunlY863Nj+qK

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\bf9863d7b9b219708ab735c2e21751d9_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2996
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2996 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3044

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a517823d98da72e4e0f0cdf8f73d6c13

    SHA1

    dc6732aba75690cc084daba6e78da1b22ae3490b

    SHA256

    f0cc26db3b70ddcec4dd3fd3d05294f4e89859201153deffaa4afcaa2c1370ad

    SHA512

    13e9e9a02d7602911464c3709caefcf6431ed9c510a5db600d52f5255393a777c2b5b1e08e9978078b7094c72346483335c9fef6d22da8becd65ce73fc1fc2f1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f358a8ada40abc0922dd9c6b7cf90a57

    SHA1

    92ae426623daae77810042e2b574855db22d9078

    SHA256

    95c5b9b5ea36a12262017226f640a5a984ec18a8fddea09f3ec746366773b0e3

    SHA512

    9e1ecd081593130e8c7709e7f2a2b891b0abbabdbdaed38a626031e869818a7eb80f8605bed0f95c15cba22aebad49d59e528fd57fae0c862d127182482328e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24ce8635fe3dcde3e454532aec6f4104

    SHA1

    287ea7e9832d138c50ee6830db5926c767bb165a

    SHA256

    a3a29a7fc6f392d41d530462f8c9fae179a0caeae10859333fa169c156e0cb11

    SHA512

    059018ffd9546aac1ed71e857b8d63b91ad5cf2d53bdb04ea17dd311ddf7ec4a6c73d416fcb747551819c4853e88132b3c5a4f41d25794cefd3c4a6ce0c75509

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6947ed50a7af7409a7622999454c92be

    SHA1

    c563d9d8dd2fbd6726868b1afe932ff6699431b9

    SHA256

    f916e6465282c831a3c33d99e7430a2eac0a9d340291a7f6b3f832c0bf9a68c5

    SHA512

    1d951cc3c56e616620223fd1a98ef3d20673ecc0205c1ca055a89a63d7ff3223b60702cfb6ab2b9be156764c60aa9bdc7b08c5ceae98daded7e34046dac64b88

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cf9885c90acbce9e63991a8acca6836f

    SHA1

    e9b2f181cd3e79584966d9129b9f20a09a1b2ea6

    SHA256

    07d7e1a712fec2dcb7c5a74feacdf4f3dac04d6c3ab8648a6d7dd1e711a85389

    SHA512

    20df8a9b98bda769e7de5b0fca38c9315e5534371798a314c5724cc6229988f7c224348d1bd3716de268a719877f6f43dc83ccd9f1e70f9ad490cd0d87f85f79

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dd1b515cb816edd5fa6c926bb5b312a0

    SHA1

    03ee9549e1f81be0c787d88850f1fe1edf861eb0

    SHA256

    9907234a6031fd15bbe2c91fa16fd0fb0bbf510615a8c0a1f120cc71f90d9123

    SHA512

    6a715f891a7a354ccc2c0065581851f630477fd1d9aae7c05390e2bc799f6adb53366ba1bbe411d69aa9e49f7e215f0ff58a2d73b7f5745b6af1d0760842a5ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6fc40ccefb764b2b3b13550928d0e278

    SHA1

    a5565c05c5a0d32e8cf492dd1a06e7c2dd3fec42

    SHA256

    6d310d83c065b41e442086bb48cc56da23e26729950b6aa78f5299c044b97505

    SHA512

    8e9a478964a8954beb1b195ef7294b2bebbdf79cb53caae7b799a6f19b437df9e99339c60dc6445ecb5af1de06fdbc19f35d8d736a317acdfa87d4bbcfa12ce1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4008e149fd48ab92931fa687c5d86797

    SHA1

    1fba20dd50a93e00e0b1c3a3519153b12162f246

    SHA256

    274a6dd00ec12384734f7ced1b0835fe421495cbbe0445b25b8493a1fe709496

    SHA512

    3195f39a69bd1c56b79cf0451ee798a27eee1cdf761c6d3d768f0e6ac0a71d1a91a3e548f4ea447b5899b5060eac0fb93a4f479a42f9acbb9cfa09a76d994275

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    13c6eec4ce20745e057bbc9695227ca0

    SHA1

    bde85d7390440aca2f98c3a636f4e5683ec82149

    SHA256

    2692f0cf6506171e8f11a7919c1e63784693da9a094a52c0074f702453989306

    SHA512

    143c6019986003693f7fd09684e377bf02e9ea0565c976deefe583c7e7a435fdec3f6328062335a8910d0cecca9fa8b74d6a5470ddff21ebd3136eab654d6fd8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    79a8292f787a20918143fdb6174c3040

    SHA1

    6f21f02c393d01147ef4c12d84370a11729e08e4

    SHA256

    4730928e14e59ff166ba1fa0ff139fd12a29d8d1e0cb952cf538d37065312dec

    SHA512

    520e7e777a12f8f370e940337c1cc7b3fa7551744894af69923997eb90284c5728f22f1906fe9c73ef02c40a65b67f50dfc47e64bf6161bc4a5621cd83d407c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    903999edf9bf016add34e2bd75d11fe3

    SHA1

    f15645524b922ec8c3585deb57082673a9542647

    SHA256

    a1e84e3113beb0b7868efd10acbc6bcbbd8c36059fafc7e0b343db2f0fccf5f1

    SHA512

    a32b80c3e7a50961ab65790551ed31e6e0fed5880620d9bd30b061667c85f012deaefaa2cf544ffc72ce5bebb9a735e9ebb250d338089d3628d9049742126cad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e4fe5793cdd9b57235aba5cf4fb481a0

    SHA1

    666426a3d1a20b767a2a8fa7fd4991549427aa83

    SHA256

    18084535b76bfa04d0c61641f417131eacdb53c2c73644ef3c279a768ffe9308

    SHA512

    fccc3b9a0670f6fb923b047c060dee6825e0843afdd35328a550ff7dfc1815c5dd29f3a0dfb147f096cdd3a0bfa91794e2d5bc8bea370cc163d364407d07edca

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GLOK2QLQ\style[1].htm
    Filesize

    706B

    MD5

    67f3a5933c17b3ab044826d3927d0ba9

    SHA1

    5957076d09bacaa6db8ddc832b4fd87ed8f05f8a

    SHA256

    97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64

    SHA512

    03ba224055ffdbf32b7eea30c764dc18d66cc6d8707dc5fafab74e155b0bb3d4d691c5788b033a68f05299547297125122778fa7e3252f93e7343d918936643e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabEDDB.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF280.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit