Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

c1b3d9a406...8.html

windows7-x64

3

c1b3d9a406...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    25/08/2024, 22:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c1b3d9a406ea0a9651f7335000b05b2e_JaffaCakes118.html

  • Size

    51KB

  • MD5

    c1b3d9a406ea0a9651f7335000b05b2e

  • SHA1

    38f8094f6f3aa39303f3f6685ddc989cbbdaca17

  • SHA256

    d4e9178150e7b2fa8fbfa925da11a901e277d3441d4e0f2f7e4fec9b428f06c2

  • SHA512

    10e6e73565c2cbb2515e6e2164fe5e91deb2cbe2a53b37ca18f7e45e3dff527eecc1f6615ce88adb298848e8b68b9b10effe8dafdf2f51f07fa1bd868c228e59

  • SSDEEP

    1536:rTIE1XIEqZx00Ql/K81VrO0BkE8XKS1yHxBwRqTev:rMZMrQ1MxBhE

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c1b3d9a406ea0a9651f7335000b05b2e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3032
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3032 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2460

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    6c951d96c2ea48784168f942ada25ea7

    SHA1

    de11614d843905fda9672fae34e9325e0608ccff

    SHA256

    16cd605a786d08c2e6eb03b1df8acfe74b1c1c4075d87f2d194d83aab2a3dde8

    SHA512

    04cf6477c7d32baa79884cf597a15d3a43d278c455af3e5be5d4d873a08a873bafd3b9cfbf892766a4a732e530a96564eebfda4c0d0093e56c58872847530d35

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9871b56331c4fa292d5954b8e4c4064d

    SHA1

    f108fd68277ba294514f43df2c1763a9d8f9cbf1

    SHA256

    1ade514a72135322634eda1ac234721e0dddb4e8d1bc1127f1034efeecbc1aeb

    SHA512

    c2de3423f354c9de1fc3c023333ff18ee7b27d248edad736b7fc18f80f0699b0ac07045a8dffecb7984c626fb03d597a8dd34e75e545c405bf953ec9c435ae9c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0071eaa6a54298e05ef7f2c264c029a5

    SHA1

    b12776eb3b9c848b19c51b2459b01878b5ff505f

    SHA256

    cbd0fc07ab5d1321819579318a026c48c9fd439e334e6c2c7d25d7a73d33681a

    SHA512

    2aab24cbf3293aec2f4ad06d8de5056ecfa5ef3c84bfdcee49a67427e4b592198913dae14f3124c61862ebe4611b4fb7a3b234498377339c4587106bcb150b58

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    58d28acca99266ab1ab1f1e0114a053c

    SHA1

    c142d828c8b5d004dd0506714a2a27e7f7fc1d54

    SHA256

    37082b45e5948d30969215cc57b5f2cc585fc927841f342a9fd81c2639293cdc

    SHA512

    ca6d838f0c7976a1e533cb788b4e34ef46c1745182310ec0031ab8215f3d8e8fef53cb3186056376799808c8ce49272b3ba81fbb811b66b6b91a3ddb05338ed1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a1aa3c61c868e103d8412c8b16359f7f

    SHA1

    104b2c2060a260f5096f643c018ee0809bd3bc47

    SHA256

    566d82f85f3f15ae029665acc6db33ca045b7d5acaa2f63d26552a4ccbde079a

    SHA512

    1aac5a676442f624a459b4b7b6a2902c55b994e64407738badd767a206c642a6b5173066a0a80a35f6d7567c372fb2f12976a5fb8bc9fd30c6fdfcf24b1ce870

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1163a8b4dbdfaf7a585d0995061d6f67

    SHA1

    e16ccad367d4cf4b2d45ef211bb49d55228d9172

    SHA256

    c507582046b2c9244967b1a1459556b1122f62c9b206c2800dc201dd7cf72716

    SHA512

    1e821998bef97064e9a69e831b9a3d976454823edb8bda06d2fe2173a2a832ebd1e3f5a852453fb9b58aad8af83d774bba8fa837cf373ccf9008ec1604c04853

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    69f7b32e6da1e5478b12f8b9a4c99448

    SHA1

    c30a23874be70b4aa5618575baaff6d4a3e562cc

    SHA256

    9671a06c90e21696291fd8d71c4ace2642134a5805b6d7c1761263714aa36f08

    SHA512

    0415bc74897e50ef62940e1c6a6fd680c9f149b51251e55dca750c4b0f70e08febd04590f292e882ee5f177e7b1db2988f08159e7a5f85b5cabe1ebcf1948a31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f53cf89367392270a53fcad3ba0c5192

    SHA1

    fd05f596805417086df6a546317b2f10c3ee7ab8

    SHA256

    ed10fe9deea4915c723c123b787f0489eda8dde2f45d1efba5c692fb18d92e84

    SHA512

    1209b5f76722b94563412c4b8eb374c9537fb45826cb5b91d8fdcc60c80c71a1ae90587e2ae01c65aaebb30f40022f6d25cd9f11b5550e6b2e80b90c7395dc8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1fa17e03f553200ce5e77cbf729c62ab

    SHA1

    a00d7d8faa0d843d2374d401a35f62e13d30bd41

    SHA256

    7570ab27191d9eebadb063a5aa80d22d60bd862b66ffbca6b76beff0d10d4b70

    SHA512

    3ab78fdfc87b2b8a88b53eda6526e59a720617b1e5c5a67fbce885d17812583d04ac013cb49c1990e59e0e004819241be431834864074d013593a12bcca14eaa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    84e04355bcf5fae13e3c99d671243d0f

    SHA1

    1f459a3e895ff970e49ceb06fca406642e811d33

    SHA256

    c1564fe513e4d93531b236e400277fd9b1f3b399bc9ec811d684625dae75f103

    SHA512

    94b12208483b83a454a7f394f980f9fa56cb1232fc4d9066cce0031de1bc0d0629fc46f64c2cf5ebd5e412fa153041f4738e4bdaed3595933ead432883ae1d4a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c629ce53c70a70ddb07409b5d4a8ec2d

    SHA1

    3ab1775c4f868d0a50ef039f12e5f1a488898134

    SHA256

    7f81a1b5e557f5b4b690260feb5ab7bd63f94f5f51aea2034e44a9c94dea6e72

    SHA512

    199ecf82e3e0f0151b1f51748b79dee1a63e681b7b23ec53ed26a0473e2f124c9dde136fbffeb7075097e3c4cc2016d54f37ffe0d07cc35501f030f0edab01e0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ef00bf763609696598642250a936d140

    SHA1

    c3bb766a2f8a2e2d04f937fc17624b2dd90da616

    SHA256

    e47c545261ae621ff39ffa8c332cdf0eaaa0400fcff2772d68903e28ce72e6f7

    SHA512

    529049335f0f6bfee0c5eab5f6d2cd2e9a3f4a3227a187093ed8c63fc991d10c811b5f301a249a200bb9da50f9acc8f22792994a92193086725dfe59359d58b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    041a5d0dce78d1fbd625d9d7542b7f8f

    SHA1

    f7553a963877a3cfab27fc2c86afa4f611afc644

    SHA256

    ee76efbf0123eb3c4a356f6065bbd209710e9e5eee36604c288d0ef27b4b9626

    SHA512

    bf008bb1518f9be310bd57d9b1af74b9ac1de72dac5f4728f739afa241b39f38ea286bd9118eb16d8d443f1ef355ad1e9777700a5642998c412a4ca340f5eca3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b7fae6210f831bc16ae5db2c8b2c983c

    SHA1

    df200f43ac3c85b8c7c33bc5626f84f2c2bb525b

    SHA256

    50155d64f7462e99a79e59ff6d5c09a886717f661df8bc03263865d970e6f9fe

    SHA512

    7b5c1880e7c9a06a90901cbcf03881c1adbeec486159a6d509e971cccf93894018c9477e3fda4c62d2733962a5e31982e7da8df29ba9eb523eabd455f0016415

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    d05a9a60bc0fdfe851e26eb7f336104d

    SHA1

    18cba25884d19b81e2eec3a89418f2c70d335bb9

    SHA256

    259184f9e8488dde6c78b6993d365d8508ff17cd1e483fea0189199e00196cf2

    SHA512

    9fff72894baeb97b49e08d6ccc4296deaa507e7349eda30faf09751f0e792b37d933d7a7aa9e7ec50468717666cbe95cabd76bb243207559017f6a902e9bcf64

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2UK8J8K8\rpc_shindig_random[1].js
    Filesize

    14KB

    MD5

    9e5f0b21584389dc1c7b5da4a900879f

    SHA1

    191b84e0f5644398ba99e0aa141a6778c14b83bf

    SHA256

    3e21bdafa913fa25276358db1269238db3012ffd8748626cdad442f838e890e3

    SHA512

    c1720a420df680bcc46625355ed6d5c35ae280a813692a0fa293f3ba113a023808a781f1b8c9dfeb3ffba29606e1f4bb4be4233983089602e2d2c20786fb0427

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3H1FOMV1\1380534674-postmessagerelay[1].js
    Filesize

    10KB

    MD5

    c1d4d816ecb8889abf691542c9c69f6a

    SHA1

    27907b46be6f9fe5886a75ee3c97f020f8365e20

    SHA256

    01a956fa0b3ea8cb90d7032608512bc289c4170bf92759352e40062d5be2946f

    SHA512

    f534f057e46998bd1ff2c423ad2cf04a880c4a5259e95aee5c6ae34ce7121ccd07ad1bce5d4c3a51ad04f7411b0625da78808326b13d2aeefec502988e113113

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X761FPIN\cb=gapi[3].js
    Filesize

    67KB

    MD5

    b4b711f3e747704ffe02b49791ce8cac

    SHA1

    ac7ce4cbd3c8ee66e3c8d9d209c1352c160c3b89

    SHA256

    f65bf40e2f0ce993b54772f703f72d53f0fa925457346fa8ec2031879ffa91d1

    SHA512

    b738deba57337a9147927f7dd35eab7c999dea6d2ff11f57fdc2e5b6f64326028a54778886548ba128a3f03ee333cc9e43de5162d8b578b85c290626577042db

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA767.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA77A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit