Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

c01dc003c1...8.html

windows7-x64

3

c01dc003c1...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    131s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    25/08/2024, 06:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c01dc003c1d552f614eb35f5c4e76ace_JaffaCakes118.html

  • Size

    59KB

  • MD5

    c01dc003c1d552f614eb35f5c4e76ace

  • SHA1

    bf82efb403cca7b47482f4547881e5dee55fa9df

  • SHA256

    4f415ae666565f0d261c9c76d46ef25622d4762b0dd07abcbdad42d17eb5ed54

  • SHA512

    60092bb320459297c589c156f70f2cbc749bd712099e1207674ab1b554ecf81f571ea9c8e49dda607a7778a101ba6ae9c5eeb5e9f016af6f2cbef95732bfe003

  • SSDEEP

    1536:CTPM0XwI6wusTeL7CCYAlv58WL2SMga4V1lcFPT:QwI6wuXLH8WL2SMga4V1OFPT

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c01dc003c1d552f614eb35f5c4e76ace_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2700
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2700 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2728

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    919ffbef0b85c444c96091e5d21d0097

    SHA1

    cf05b477a869f28989d5534fb25e68004c8d4b03

    SHA256

    6fc1402604fcccaa9906cb3961c8ae9f7c83fb13d7e89661193a778b95994547

    SHA512

    9e00f567bdbb0f465ce667529f5c7beb6b420bc3849843ebcb5c809e9f8b9eeae9719815c1234240238a22ca589fa55b344f58d43401a7577a2106696b63ed7e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    87f536e2f7fc45fc0acd3baec2b19afe

    SHA1

    f78f6a04b5374c99d4b25df3c531059357f9c43c

    SHA256

    1091aa45c51ea802633d92d7266e0ba849388e6d96efe41b154dff561d883ee2

    SHA512

    e1a87bb4e214bb5f67ba84f6d472f7c5dc25a00ea8eac3edd706ba197baa9edd21bf696b2de3f40ed365e77088be004d8c1984294a7ee5eabf156c967b692d14

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    414897b064906806cf0bdc40eabb271e

    SHA1

    439995473441e8bde4556b692c84e48f2e714bfc

    SHA256

    ed4811377800a2d4d4d216536875a7f0022efb29f738cac45ea468d26cb63c5f

    SHA512

    f73dde416e753f94f79208ab2c3f3b645daa0c21a89ad97df7bfc62c111c3f4029c584f9ae07c265174f2e1b460c874f471da212bfc1c5b0877e7cf9a3ddcf94

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    134b213d496539a3d3cb1a62dbaf87bf

    SHA1

    aa59c79ee00b5dc18b41b55b4835ea1f1f5c5770

    SHA256

    4a26252bb32dc290d64143752d80e169d5a92eedbf7da7532159b4ee4a067a55

    SHA512

    82d13b6d5c55cbffb7b989a8a595f15674b2f92b25877a5f60c9d3783ba5a3518742c459acc0406d87843fce5cf0453af00721722ba9585d9eeb0d226817df8b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b3ee5255c56835178cf76fb9e3ca806d

    SHA1

    7ecd513127f70571b9e2ca3074e7e35c3e0cc5cb

    SHA256

    a5f750b241c6e0f78e47a87a493c591af74745eb81e6248ebd4739be5d697f90

    SHA512

    a59fadc1a7e898b4a3faf20b8be113c252c671406accf322fed80dcb4cd344679c7ccb808b552a4153e4533b554c3362db21d2e386ddc18fb0fd6d499cf93f24

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bf9a10ccacf150358215946f41328c7e

    SHA1

    dcb09fe16e18889a00f6550e79f6ecd35a1a52d0

    SHA256

    3175b2d4943560a915ba142fdf400e547c5da93a5c001b354a8f3c952ba7cd91

    SHA512

    8a8f91ef934cb412692ae96b682feefcab0ef9ab2e097000dcff1f8a254631c722940d0493be0e97b9117c1290c8e7793b4cdb857b7fb9a83d317c93051c9b40

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    45304072d0e941cc2058f7edf0953f4c

    SHA1

    4c068305038e05b59896be2c89088fb16dab2863

    SHA256

    327cf11801648d25191f70bbf245eee63635bd5b2a5d976f5674c85ea28eea6a

    SHA512

    076f2ef1fdbcbe2f8daf16dd76412ae3a7e7b6ced38fbeeb78af8f2d6878a25ff239bcf0462238e8b8e58bf93d16293dc240150956702f114101c5f7aae35540

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b99495279ef98310ee2413cadf8be211

    SHA1

    b2c44d6e919719c00349718ae73be58f0a0c2972

    SHA256

    e4a3813c4bc003444e7cb2015143452435d95124dabf3d1969d5717ef904d3c0

    SHA512

    0c04322b3404c0b0ca52e58993d055cc3ae81f14ad5b4ca1059a224e936472757900069d114d2fcd9e77a4e883753eb8467a7769116e2563f0b56c5531353a08

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd823a79ad948ffff8562b6cd905c907

    SHA1

    d5c2760af2596283712a3dd563f3750c3da2baad

    SHA256

    309d61e70a3ab84447bc86133213d43e7ef01b75b38e5e3236872b25976a197d

    SHA512

    a203646ea06c37cb7d96d19902fff6fda37b58ae7d6ffe320ac620f8f1c2ce729fa22a3cceb941bacbc48444f96c51a06c7605630a5dd706d0e55667eff0aaa6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6BDF.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6C5F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit