Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

c13da9deba...8.html

windows7-x64

3

c13da9deba...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    25/08/2024, 17:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c13da9deba1a95f19d81a1322fd0dc9f_JaffaCakes118.html

  • Size

    35KB

  • MD5

    c13da9deba1a95f19d81a1322fd0dc9f

  • SHA1

    3e9fc2b0c7b2cc9726f7e162faa4649941a67cab

  • SHA256

    cfc2cf8785748428cd458a5a0ca6a91ab8b2486ea717ad4afc6b32b2bf490e67

  • SHA512

    989a85e46257c4ea420fc4d176ea25d004962c03464e17e62a8e838cb7734f04f444606917b758b29ef68859e2748cfee4cebf2df01963b4d58d7372d67dccb8

  • SSDEEP

    768:wqEou5k02iFV9peTV8red8Yd8kd8yd8cd8Jd8Ah6dtV8vcXm:B0hFV9pe58red8Yd8kd8yd8cd8Jd8AhD

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c13da9deba1a95f19d81a1322fd0dc9f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1488
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1488 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2540

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a24ee52b83fd859c8d9a6fbcf09bebe

    SHA1

    3be347f776d141b84713d988e5227e4d17dc88fa

    SHA256

    0c61a55f2c3024236ed2979592a1e0f0369da5955e0b537060bb99bcf2caf23a

    SHA512

    fcfbf8280463a24c533a39e2941818c2d62bbc8af1291afb172553d4cae2ccaafeb3655a3e0f43913289c663d6355b95aa4598f7ebf5f30d458e57b5958be0b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e5dfb0595e80aafc01f2b1a0e98ad88c

    SHA1

    0e54623b3bb5264ce6c6d49e4fd957b142823efe

    SHA256

    d3b887fa24404f81659ace9cd3c8e00255c9fdb93d9138379d2c9305ba2cd020

    SHA512

    264b88a916436434b900a5098e6981bb4763a37975ea3dcbac7e9721dca19034d9cdfb5961fdce7ad7e51a14d192539822aa00750c467847c1fad679ed2c7668

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    44f649c49647f8cb1a1b376d46ef6d98

    SHA1

    743ebe725b5f2d256c75a6d047f467aa2c956ca3

    SHA256

    0045ce8e7da9a8880b2e4e8b89566934eb93cbfe4f29ee200a33d53859e370dc

    SHA512

    fcf4b34cdcb6f6635bd8830352ba818c3e513902038362ae1747982884d1ef4b702c3eb2ea9644b1b33bea5c4f5235b53697d6b37ef9d1ed86b23ec62c7582eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    36a2dd55a2316e33281604891341a8d3

    SHA1

    0665f3b8b545d25b10304c0573e3c0a5ee0e6da0

    SHA256

    e6c771b74b84ecb485eba80646dc702f726295c4be41830e0d67229d66d38fb8

    SHA512

    2ed0abd62142c2b5286ed131f504b6916672edacbf4d5e0a635c4d3855deb46cc3c287a0fbe45e1f3daf52e806e6f61a170dd74da0c04e30e2a75353489cbd68

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3548344b906c5be3ea00dff1ed347526

    SHA1

    96b63c735a155684fc60c5b2c7636219d2e6b35e

    SHA256

    a8f3986e962563b1ed34a8584a4067ff6dd55700218f6461dc8c2ac84fb0898c

    SHA512

    6ee877ea85d92b353c1efcbf8c7be07e7ca2984c9845fc4368531b75928b8a4f3b243311d91f5d8af92d36a976dfa7cf16da01d347631eaee4aee845b82b1bbd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f52daa1fe1a858a105f38f03c8a1a76d

    SHA1

    831215fb427894cf00e71969bda970901937af43

    SHA256

    0f4cedf07238902a32d46789b407468de1b6f2a4da46dd0ad6de356e272c9348

    SHA512

    a4fdb76f19201391f06d26439b44072af036b4f6338e7f138032253100211025020ffa856bcc01f682ddd220b9e48916d4249759ece655bde521cc408ee467e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a2fc2811060140ea3936192ba3800324

    SHA1

    0c1be1bc97546995e1e90ccf719e949d3bc66b0f

    SHA256

    70c113a37cde5e5777475406865f7f2fe1db1960622e127293867420c7a161a1

    SHA512

    5234e11a0833cf383f0096b6ddff0452eda28e582ed4822b75a6d5e480a78f68176bb63a3bf5c1184e7f2ca85b959faa283492b0a5cfc5923206225efd9f4159

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7eade120ee59402f82f69e46c8253a2e

    SHA1

    a0eaf9ae21b96049880fbff224f409f2017ae7ef

    SHA256

    4086e1144411d2d7d3bda5edaa019c05078098755d4228d2fe8463a228470265

    SHA512

    00b717b3ddb10a75b1f98524ce2c8ee1126f6c91c43cb5f6a4f88ca2c60a14fb292f55d236ad7271a691bdd6134923752f7e0be294c5217d023e5344cde4bfbc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f9cda4771a2bf153c4403b75ba8cca1c

    SHA1

    47c46d0ce968642a6cf02536a1f36d42efbb9916

    SHA256

    c868c6b99153052399aac45d0d1429f9bef0eb360fe262b6e8ed79c0039a2420

    SHA512

    e9935222a200b970b07d280a7e353f100c2b0a38621c0901929ad2007e5730e8c51e563bb8091ba1dc57207a73a22b07be69b8fb8548f71742586edffa8658a1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD9FC.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDA8C.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit