Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

c264159a53...8.html

windows7-x64

3

c264159a53...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    130s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    26/08/2024, 05:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c264159a533301da5e43550e73931286_JaffaCakes118.html

  • Size

    23KB

  • MD5

    c264159a533301da5e43550e73931286

  • SHA1

    6754db8f103eda3d2acfbd90a3aab9714e50119a

  • SHA256

    ede1cc0d249e50f82062a1877e3898f363e677a0b0801b5a9e38200e4f081c27

  • SHA512

    90c1085003cf1ac9ac1108cf553d1187390140976b3938938f94476035690f11690b8e5a619018c274a6b63df0c14ce6eeee7abc8ac263d88685aea12c9d7587

  • SSDEEP

    192:uW2a2Xwsb5n9tInQjxn5Q/TonQieX3NnoPnQOkEntpyMnnQTbn1nQFCnQtzTwMB0:cVQ/0dW

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c264159a533301da5e43550e73931286_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2384
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2384 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2192

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1923a5535b2b1a9cd6f097bb0b92e01a

    SHA1

    f3f26a962515502adf68bac2f593f33f6f59974a

    SHA256

    b397f2bec8a06b59be9df832aaa8eef8aab8e67a5df4a2774f008f506d8ec6f0

    SHA512

    945ab431b9d17c8fc24b7610c47f19220974662cb7caabf4459d9eb5650d3fd8e50d0b5142ee90935cacbb0efbc3b07aa58a665f7a60d7ab3d5fe56cfddbd73d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d897c6d6e961bfb0f11fd900621198d

    SHA1

    cb6b179203ca0012e843abb5dd3644cf3b7a1dcb

    SHA256

    e869363e0a6f5f2072fb8d2cbae565feda3b2881ad6e39befbca9f29e83f1c85

    SHA512

    f0f6f456fb6ead15d91ce02a17e3444da5357cdd89f89b41fc3d797ff9293f4d39f9947587472b70fb8997cc3c19c55ba3cef128c6206af6656a18186ee8c2e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    17f74bf9062103235b512cc37990f39c

    SHA1

    c5ef787d5a799664c889f2e19e013fa166d73e77

    SHA256

    38821dfa99bcd363a601326f49c98e2d63e3c718c36512924c227d7bba1c883b

    SHA512

    a59e784e09b7c6ba42dabec2c8cc1cd25f65ee211fe2a0117d7bc3f4de6e62d0aa6b7aebd39a550b1739ee56e6d5cb658e66445016c82c7119c105d94a941758

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    28243dd999fccd0021255f4a998b0f3c

    SHA1

    019db99870db429cbbd09a2275cf7f9ef5ebd389

    SHA256

    50412df03b1dc761ea184f9f3f8f07112b5304cd41d976643a5c078ad376a71a

    SHA512

    4d77f3ac24e65f5fa087483cd983c35871e53528db7ab7146cfcf340651e7947e3f5df53cc37faf861911093cd82a8245444f0827a9d03f2a7518566b697798b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bcc397a45557a84f3d7c07da5026913a

    SHA1

    8ce7705b640c0e973b5606c92c22c8f147f8b28c

    SHA256

    6e1bf3f9b5149b3e97bda4e86621a4c6d0280f8738b52b1de04965cb2b1280fa

    SHA512

    f65c5e06b9233e1adc12096f176b685dd35fb679ada8d35cb3e866f7997ebd83156b3974e7695bd1919eafcad52e094d85861a9b77163d2edc91eafe8386aaf7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad08c300553dee1481884a593cbb59be

    SHA1

    73f28adc6c85abb0da4e9acd968cb15dce1fe770

    SHA256

    bcd8c7b403d38711e1b299715c037d3dabc0380dfb2c9fe256dffb3e0df7f9e6

    SHA512

    a111c4349c45e21e907c5b8cec36f03080248d06f17f8e0bca6291eacc47044a1683a45934f759f04b4da5550467ee9e178fdcc3ea95610da13e1a909ab78acd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    19b0872c6abe648cf520a0b7e12d7aaf

    SHA1

    32000c90f59300aac266fed614e6d63f0f091765

    SHA256

    a78fb9483048adb07266aa9dde49d8c9de1dbbaaae9d84cd4d2bfe2fcea0eddb

    SHA512

    284d4af92be25e91c88592cee38cce56af2612bb298a609467d1d106c97c614dd2e7c30eb1fb163be12d123835283caba2a65ca91ebfa0fd9101342a72745d80

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    378eb5e031fa1ed3ff2f14fe4afa2467

    SHA1

    f9c979083505d718e7f83a0b5bd0e4365074d2ca

    SHA256

    b8474bef9f67d27f45db41b5626723c8dd88a032564b7c3b6dccd35efbb20d6a

    SHA512

    9ed8123171226d4b6e846089d00faacfabfee683e2b0b1b3d06d79071c6cd487f38bc05ddeb8f248ce0a7c2466fe6f0bab21dcbc8beca31ee5987c1a94ef12df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5a5fa1574fa13f45201c9568e632b737

    SHA1

    ddd6ac1abc693b4417fbc783cf15d72dea938098

    SHA256

    56d5185683537a84d50fff13d46d9933f741e31266ae68677e90dce6a1611b1c

    SHA512

    d3773b4c0dc8264482b74bba6b984975abd3aeca04c449421030637554b72b3852060e26b2f035bae15859be718ce0f54789ce940a141d4d16988fe6f12d7e1e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    647295d03e38fbaebaabc4141a85f722

    SHA1

    ed1a282fcb526a906197619f8c7ae6cc51f87147

    SHA256

    4878253228e7bf406138988a543caf89cdf858edafa1ae214f82761c1b8dbdc2

    SHA512

    ef58cf8819a450bab09ce39b34384bd1993d027aa78c73d31d83d3cefe40f5e8cc2b0faaf1d6a92ed69bcbcc8b0e8a3592506abc3ed76f7c3323d2b6fa34c224

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabADFB.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAEAC.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit