Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

c1b6854213...8.html

windows7-x64

3

c1b6854213...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    25/08/2024, 22:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c1b68542138f13eb202ed06274f7ac86_JaffaCakes118.html

  • Size

    214KB

  • MD5

    c1b68542138f13eb202ed06274f7ac86

  • SHA1

    cc316bc2f41fa2af0b08cd44251a51ce072363c6

  • SHA256

    8ca1cd49faa389d0466e0af84b1dd788a3bd43575847f277eae9112704822ca7

  • SHA512

    b786f97a535007ec13090ae2ec1e0e7af1960ca68c064ff706cc6007ff0f83f9292aa5a6f6cfe44bef3f58e8fecb82ce6910f9eb1a39cedce85d221c98b0a23c

  • SSDEEP

    3072:brhB9CyHxX7Be7iAvtLPbAwuBNKifXTJb:vz9VxLY7iAVLTBQJlb

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c1b68542138f13eb202ed06274f7ac86_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2716
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2716 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2728

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b2a5e03b7d934071c4a648466326074

    SHA1

    35444832d1cc3d48c1e28a245cc576b610e3ee50

    SHA256

    7b5e1beb228dd71bcaf2637f4265a8ddf619f53e8ca033e320b295ec307b76e6

    SHA512

    c3d4c0f12ac9f0f43475fef14e1894e9b0878272657cc716ad369e770b39e8993dcdfcdc68f6f136fce184017a81b97ffbd2d8502040e8ec637742d3cf176492

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c588fe3c335294b263e3079b09070ab0

    SHA1

    153418f8e11615c80a6c60139703153627258609

    SHA256

    23dd8e8fc3f6130ef35928b2cc03e379252e65b16763264e5437e1b079f55da2

    SHA512

    a9f0a1e3ba00cec28982267d9bcde83ebd2c83531955b2f6c282f9c118b5a85819bcdd2cf497b5a4a39f1352f67cd8523aaa36898ea94390e75c633f4af8bd22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    efc66ca618fbc2fb4301fe10820c929f

    SHA1

    c12339bca15bcf5605d0a51c582d7a3f4e7a8847

    SHA256

    65a3e04e81dbce150962920f794b10136b9cfdfd8e835c497e3a61a5be0f43bf

    SHA512

    9caa056912359ff3ad095c47e2f5fdc005efbe4e53fe2d59802eb5be03b8b90e2ac93c6ff117821953e1230f5c9ce10f25a81ffb39acd90c0266ea87f5813798

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c328e3e698a827cbbff1361c9f44b979

    SHA1

    62d9c5229bd455af37d10b1bf5dc32468d2b8cef

    SHA256

    7dfe2ab38842f72f57595d61354cd1f2a30c4beda86b893818c10ddc3c18a3c5

    SHA512

    0bf969cc7fd6ef83386697447224d7a88c4bb53edc48672cc6305a4963f335354d2bb8b440a19033ea84685abba5c60f42fca72169362847b8985feafdce3ba6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6d3c1ea6d200644d5aad70cfb9e6baca

    SHA1

    58c9cbeaac93e80e2c2a5ca6cf1b745e16981b0c

    SHA256

    5cc5ed028b5f62f7c8547e31219ad28ab1c46d086948e3566b283bae3c99697f

    SHA512

    fb493e9b2e2fc716416fadd619f1f37c88d9c6a0089df9c6f8163f9f90b6f7ca445025a0ed57e51f2535f8a5b6a41f2efce4bdff875bf909c5f91118e1795a7a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    180832bc2ece2e08122ce3f27a08d9f2

    SHA1

    067160e59d95b79c6fe5ef214418a37aadc3a15a

    SHA256

    1774af4680552ed39d94ee99a13a6bf321a7de9e2bd3d62a836a03b217d19f43

    SHA512

    b15170323a6f34e0642b6d2078f07617ff2a2ba5f62a0d485ed79b5c77ce4c5bc7fc4bda4dede4e686c06c9cb3ed2f8648b7a78d606f53f953576169f40dad3a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a2e5dfbd457f9a145a8f0f334d105d78

    SHA1

    fb7d4d209f48aeb925dd45f39fc04f48cae758d5

    SHA256

    7a66492738f2f897a48fbd58b98d1ea6df32ef61a858192dfbe0d3bce922a944

    SHA512

    e8d7226d8a28839731c7e2573ea81b0b0075f5637ef3e1ca8f760e901a35396c6592cc6af7681752c6dc6df33ed8cc9e321cbcda47c916b447dce3241c447184

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f3dd18493aa4d828ab8142acacb1d0ce

    SHA1

    e81c8be6aa1e7c760c37ea50d2d237a0e0aba4fe

    SHA256

    35f521f47bfb38bde7db0bbd0bbb5fedf32b53b46614d8ce333d03b357facdb6

    SHA512

    5fc0377c7ce3c8515c2f6d766a2c6794d17788fd785d947eb99c10d526b963ee4ba711cb01474fd01c33de018f8af670d83a38f2bea2c628f6fee87984f8d197

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c8083ae2525fcd78505433b1b2f2e1fa

    SHA1

    24b416cff3b0e8d6422332390380c54c9ab0444b

    SHA256

    b2e3f7a5a4caad28a43069a76650e9109054130b4cfa345e95b5650a4ba45444

    SHA512

    ab58569ed6b90a0753a3f266241df1570482a9114ca58393a3ff04f65c647f5c20a49cb3da48921501ba6ab27a919e2cba7d5b39d2b2294de8aa91a77e16bb11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d03552bbf76149ec6249d30cc63abda3

    SHA1

    75341a6e22110a1147f8d6d6465d4d2c4ada626b

    SHA256

    96272d81289fc0af05c8aeaa49cd649f071fd38b6f38af2d26fc3f73398da2fd

    SHA512

    f41256acf96b1b951364095c618c4e4b05df2c1e0e628bc74f3988904c96ed51d2ff16bf306db55e3698e575663cb0b9ee3444ceb067c692563729b9cef25401

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c09af86b44d32c651e135daa5e895a1d

    SHA1

    e8f9445538f949f2164ce9a2832f81197e58b08e

    SHA256

    414351a540c1d608340637ede8dac53a0e1d9e205504ab342a130e3d90a70371

    SHA512

    1e0cfed99c0e95623b71f2be11b828c1d85a518827dc6a273e403582ab96e50886a0cd7149542d4a9f82bdfdfc9c5d87c539bb50345db5b200f496634e0de180

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e66d1d9d2d8af43111eeabde0f6a6814

    SHA1

    12115dfaf8908415157cbea74c1a9500130cacdb

    SHA256

    ec87b6bc1ceca2b6116310d564be0f285e4a3e18c6c639e308ad658cf3e29973

    SHA512

    4202e511f95fc10dd4c0694aeeed7275527bf9f659cd60b888908e394fc075604ed2b93f11121dc20cd29fccabf320d8080a5edc13422e7226413f333f1a8b92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aac6da9ee0615a3988a6501eaa9005b6

    SHA1

    16000eb078ae875bb5814f0205fcda802411c2f2

    SHA256

    626ce74c0a7ed22cba21e92905aea8ff7b9bc971859a81d122a74356e3487a01

    SHA512

    3652a0598ac38fa3d6564ace90074ef3b946e5a628a343427a2d09df142da3d364857c44f49aea9bca72e12064d0911a670f2f16108b17cb9b6a99a41f8ce249

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1bae75699df51712386e2425a5cebd3a

    SHA1

    a6a79ac34e2fe070d830a65fa434c919e31b2e54

    SHA256

    1154c13f434bc02a51e6ffbff2c8606a58c446a7587c59d06de0167ca7738d27

    SHA512

    2609cbdd953859e1e769a7c617229cd7834bd6c220b01d9d97ceb4ebcb1e260bcdda82e630fd23148206f544716bc6265dfcc7a7d05b13c12701323a55ecbead

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1cb44e210f70419bb494d0236ccece56

    SHA1

    21485101d4bd8425e635e1ab098586a682a45f2c

    SHA256

    150ada47a188dadb42f128c0590f330e3d60b981a9b5a2813a0088a7fcb28812

    SHA512

    49253cc1fbcc1b26baddaecaea9785f51bcfd8fbab14207637113bd51101caece84a318831fe744b986aea5512c67899f395060cd8da1dfc26653967197cd9e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8fb6ace0b6bf0864e5a3371c5b80ce3d

    SHA1

    eeb62c69f1794d21378bc29b7541d12019f718dc

    SHA256

    2ebefbedf9a120276b9ea2bc68e989081fefb27615d9ecac74881f00f5558811

    SHA512

    3d6f94db50074f5f9ef6e221c285fb38c4f2a4df0b1b337dfb8f9d46f2432a278c7a2bbce40a7d549a7b6561e7652e71d74c54344b525884ead22e64bc4e1967

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    86ad26b69a042c94749887fa81d7aa68

    SHA1

    d75102425511bcfcce6bfb3864264eb74f9c2d44

    SHA256

    78e7e5baaed021f742c51ffd50432db6c26fd96b1d8a0eb99a4cbe68cdfb2387

    SHA512

    bb6adc0600195ce0696e09b3c3b25a83b91b46b8651ee76751b730c91114834143de552e89e3dff0104fbebbc804e9e0d5a4661bc96db889a720bb3c3b4053d0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4809.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar480C.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit