Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

c170876f11...8.html

windows7-x64

3

c170876f11...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    141s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    25/08/2024, 19:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c170876f1178c69a6a3ce3dd97d1ae6b_JaffaCakes118.html

  • Size

    139KB

  • MD5

    c170876f1178c69a6a3ce3dd97d1ae6b

  • SHA1

    486f39167b2fea17b354e57c0b3bdf2f937346a4

  • SHA256

    052d087c133c0c9fff246d708d238839a87d2f69443bf33729df008018abce78

  • SHA512

    50dfdb844654d9c40819b5d6f167fdfa2b7be0e6d918f0952e4886c22924b599e3dcbc97816f614c6c766f8bca8c958ec323c41af0f1e788217e323cc100422c

  • SSDEEP

    1536:S6NrkVSUl8ByLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusBw:S63jByfkMY+BES09JXAnyrZalI+YQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c170876f1178c69a6a3ce3dd97d1ae6b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2028
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2028 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2404

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9303dd44ea5338a297a463cf4b4bdbfa

    SHA1

    2a2ff91c0a394d9adc178614d9224c29febafad6

    SHA256

    76821dceaec3a4399d645270427e498fb82cc6850c079f0cfb73f5b506f50750

    SHA512

    72831000ec52d9297eae5832f6d9b7d402b9a5bcb5890e95889f68d711838f698355f145896a65608c1cc7a6d6a7b44b87b157bb0bc560f000a5824eb78539c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a75ebf11d235174897bbd0856af44408

    SHA1

    82b7f674af8c5a878318fae9d8b31212fe4a17cc

    SHA256

    9cff5795631b166e58f8381055a40aaebb415d2cae67660759351e3b3cc9d5e1

    SHA512

    3667b7e40c3f286b8e5d471be2ad3f480e9ca9e6f0e514d3754bf613993ccfbc14e0c809015daa671194effe6fe7cfb05ff7017b515399e8444dad20da343f2e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c1de929d52630762c4e20b831547cbf8

    SHA1

    5e8bcf09a682cbb874815691e39575077207bacd

    SHA256

    616da76c10c4f3817ba0eb73d657ac7c51fb24af73a40c546347dfa8d0a0c311

    SHA512

    d538acaa0fb1622bdef447d461abfcdb94093561a1fb1d0ebf02dccc9ebeb21480d55ed8444b778293e5a1b2942294b5c9333de02034eba1019767e0a4b16700

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    297db2ba44e79b7f7449c08dc10deeea

    SHA1

    ff5b7e73752b583ebb7099872a9d391d22aef9ae

    SHA256

    6249cd0d8033ed5c6bb52d908ebff52fd5cfdd4dbb68a9427feb04625f006085

    SHA512

    b4cb0b6f778ee15aadd5edad877d5c2dec95c4a16e803ee13bad9fbb29ba0a4e343bfe1dedeee9124124a95ab8492d95df542d34d59978eea67432d5a209ae27

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    65f0ad486fe1d32a55319afbc8efdecc

    SHA1

    7389c498551247fd16664523153ae668b97e5e3f

    SHA256

    7cda9b3f539b15a28b9baeb85ed87f057264d58371d272edcfe2de1dd8428c07

    SHA512

    e07df40dad85496bdbd850cc5019f197de95b69724dc83d2f82a66751ebe4f4b902ea2925b0a89be36810cd7cc1afeb020bbf9274be4a82245574b2411859e4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    66c57304ff920358b936d6d30a196cb6

    SHA1

    04661c932b8c40ac7429077126a8eedf0896c9c4

    SHA256

    e8a2030db81aa3fd9b2acbfdf716c7f33fc7574ddb8956d60c31a06bf742cf87

    SHA512

    cd5acf5079ffb99c60ab11210fe16bf2ee0ffa073038a0d7c99e8ec2b2e70d905c7e33cfaab3ae5e3dd736ff0114d2a508dcb7238a333520b059aa420b8bbaaf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c3065879b17e4e23617a4f2e6c857994

    SHA1

    d49094fba05326d718b88abc7188265f0bd50ba4

    SHA256

    94e138782ca67431553281c82ba0bc640eadb6027b7acc7d247acf653f449fdf

    SHA512

    68cc3b13859d7d35b747414c2fdb9dcedab0d432a54721b6204b151dbfd2a432754592b972fee45bf8d655facb25bfd276d14549d4561dc381452e9e0478c024

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6baba72e490a1d1ce4319180d65bf94b

    SHA1

    978d1b3a14fd931786a9875c414cf0661a805cdc

    SHA256

    69cc53fbd74b27f7c3a462aaf4d3f3eacc926181eb9dc88770df179744ea262d

    SHA512

    84d892a3b5065ec62509905ad94cab6fb64e79adb4741f84f0bfb1f63cdfad5406c465271de80244b75407e5757824344003119f4c89f25e4b9f1859a821bc9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    98c8a24a4ea895dd13013664a1534e1e

    SHA1

    4d7fdd5bd501b8c458442abadaa20fe53cff9747

    SHA256

    6493ddbde0b8ea4013838aeee7abeb94487d7ba5393432d809db14c8af81d0be

    SHA512

    d307102e224050a825488fbd547eb48f034b023aee2648ab212530a957beede1553b3ee518584282ce278c1273a7595ca9947a47524e5c6401dba6103f315766

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    43909adb0db8325f2752811e66b669ff

    SHA1

    4ce570a0f30fb36fd31d481fd795e9a7e32fa561

    SHA256

    f984253023e14f326e464d500c80956f55cbd179c8645e9afae4a5e8b49d8ff1

    SHA512

    b10cceb391f307e6dd3c7a9d2250dd973788e0247fefcb9826ba1db689fcfc430e75c40029435e6ac00e564a6fab00656a41dbd5665e178b0024424e12e1799b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    226df73858ff456e909531b5bd57ad67

    SHA1

    113d850bcb9bef7035bd75ddadeeb0716bc03b6a

    SHA256

    2021e7d1e8f99bf3634d188b26bfd589dbedc4fdf7f7bcd63414854ed03191b5

    SHA512

    568f55d2021d5e975367c86ab9489478d891785f65386c18fae09b515ffcb321c90a80240e7bcdfd7e8baf3af71abf632275a99df6a25f6b8863d41dff992a02

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c39fc1fd5a652e7d1648ee8267762097

    SHA1

    83867b9ce9a0fa6ced0ed07e11ff69e13775df65

    SHA256

    b43da39549972a93b7891628647629991390a17d66c3bee9d93efd8e82a3fd54

    SHA512

    af32300d804906609e4b40e03d6ebb2a28991b95aff87339d25d3c1b7c3d96b975492b5aa507d395ce35967256493ea6751f2ee537790a40948a54343951f89d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCAB0.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCB70.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit