Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

c2a568ef6b...8.html

windows7-x64

3

c2a568ef6b...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    130s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    26/08/2024, 08:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c2a568ef6b40a2ec25cc54a1afd1382b_JaffaCakes118.html

  • Size

    19KB

  • MD5

    c2a568ef6b40a2ec25cc54a1afd1382b

  • SHA1

    307084b34f2c2be22751a30cb7dca62b41ca0651

  • SHA256

    62ed59bd031cf9049e2e9c388dda762b7be3e74d7af1c07de7a9302cf3890010

  • SHA512

    9b6dd4d20354e293c47195af1c52db8f5a63ff79aa40c7bd7e2632d3cc08bb6340119fc84bb28c013b0d117fe9dc8e63a30eeed89903a297975b385212b30ce2

  • SSDEEP

    192:uw/Ob5nG9I6nQjxn5Q/VnQiegNnQnQOkEntTbnQTbnxnQmSgHMBAqnYnQ5lNnlnc:kQ/tq2LsI

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c2a568ef6b40a2ec25cc54a1afd1382b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2352
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2352 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2292

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c1a92e46bfba343f9e64f825471ddb1a

    SHA1

    2d4773c66f1feb0c0b8fdef9d543c95ce0f41880

    SHA256

    5332cb32e7419744eec494c662d5cc978aedf80616a35c5067ffacfc933cb0d6

    SHA512

    fedd70220137a565f7b604be10e18461da979036606d512388ea1da4178278841a53833b1b392a6ca5c889e7427abcceda9658bccc8b1c9924a5c83f12902722

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    c309431f8f273ff66f88b0e35802343e

    SHA1

    4e2d99f584e52827132359128467c7a7dee2b654

    SHA256

    6c1646b2c8c2455617966540f6d4e2b7b71f464ef28f5362f43f352051e0f374

    SHA512

    554d1878fec77fcb2b7587ea291cc9cf0846c2837431b5ba2d3aa11a232d4146712bb6aa9ab631fed353e997ac28ac33c9b9dee5145f1a6e0a6f1f6ab6a35e7b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2370a551b4c430b11c74def19cc2b9cc

    SHA1

    636e83aa9479d23825528c9fe2d37fe95d4ebc1a

    SHA256

    db174ea128f6a57a1a2f0e3858f52e2680b1d176a71c906ee6a83f59228ca6e6

    SHA512

    81a9963899dbe0201537e9daa0cf238b315533c7b0af6a58dbcca5f7ec4b2b381d01f7f49d937876b4ee1c40833a62ec563bc69875ec12ee28eb7c9856b20931

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    0d5d918503ae28d5c2810559c4183d50

    SHA1

    a344168c6458adb48d8bd09e47035386e25d4123

    SHA256

    79a79d7238c72121138d2e5f50149b0fdaf1e1e219dcb7e68dab0f2344932d86

    SHA512

    8b76b05bc7868cc172da3fb730e082b7554df8536e95b53aee7e75fda5f444965c5451cb76716a28061e522f0173bd4abd1072bf03c5c6a2b9c27f05f56c446a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d3413ed6d3929d2a95250087b1619fbf

    SHA1

    b35714959ab59164e9160539e008492426dab8d5

    SHA256

    70f024b53e1d4ed2fe2857a921c5a606b02fea6d2dfd8a08befc9e43e7520528

    SHA512

    482968fe9ee7a63ca8b5a23c8bc1064314710127964d574fd8239ba3d6dcc98b489296294e5a26e3c79173acbb489966ba91d432e3147b5b21713a5111410488

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    85db0e9dabbf2377b8024e439b769ddc

    SHA1

    e14585f1cc404349f9041c5ad17ce16126b9c6b6

    SHA256

    8521473e663eacca8dee72cef1a2add2a2d08c43217c69338c3cf56e7e6be21b

    SHA512

    1fdf8eab52b6cb807c124637bb8c0a9deb16a24bc28c7e58678e95a56317c542f7e1c3c64848344174b9c0c31fc0ff227bca1cc5b17796a659848393c2c640a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    0f414be9481e6e8a17d68d0a4e58fb51

    SHA1

    d0f84615a99105a63c469869b704c2421af1f49f

    SHA256

    1dd8b880c65aec9faa477a01ff4e916ae32d066dcae30ab91d6503dbbebf7734

    SHA512

    6eab038baed49ff0464fe28987ba1c7cae4a522ead28880723eb8cce8b555f38d122bbe9cb99fb394b2532a810306cfc20180dc132be9d48c63a0927fc19fd75

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    8593c169f1a183be22a0c354abc666b7

    SHA1

    c95e3859daf9ce937eb4e0e0cf0f571a96e9f22d

    SHA256

    39072c6dc95ac7c51392f8d8f6224e9e0782df36b462280b2e7886878a2183f1

    SHA512

    06359f638947288914bb45413f7fbc617068a7f2faed82e82b62c77ac9f472b93692426cba299a8d3bf1689b47f95ab2b360e2937ed6eb455cee1f5010ad5129

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b6aa1a2001fba29ff6e341b6d9c9f89a

    SHA1

    6870264af46575d6ec90980452345602af4b7414

    SHA256

    8c533a1f48a73917722d38966e394e470caba7793f7a2ec4c9190717556adeeb

    SHA512

    716e1804a6527ea02bd08c8886f0212489c3ee5f97295c6249c1f184f3bed918177fc6c1c3bf554e9e0c46907d225b774f00dd92d1ada9e91e265bf79def2011

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDD66.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDFD9.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit