Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    145s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    27/08/2024, 14:07

General

  • Target

    c52492c9cf6985abc1648ae3d01be898_JaffaCakes118.html

  • Size

    49KB

  • MD5

    c52492c9cf6985abc1648ae3d01be898

  • SHA1

    6ce1cce1f5033841642bfa77589d3d00ed14c63c

  • SHA256

    baa1ca0359b2368438a546c34be4d7c84082327a820777f29ca8958dd9e6bdb0

  • SHA512

    c2e1bfcd12d5bd26c373bebe97677bf1321b1419d8eed06e748f5e7bc2af8bfbf463a0573436a5fd9e98bae775828729748fdbd3be1fd4fd0fb3d297c265bb5b

  • SSDEEP

    768:vNT0EipBJHqeWAkL2wiktdZJxueaohHpYR12Sd7a:VTupBJHqZL2wikvX4eR6Rg

Malware Config

Signatures

  • Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs
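
The "Mark of the Web detected" signature above refers to the comment Internet Explorer writes into saved HTML (`<!-- saved from url=(NNNN)URL -->`), where the four-digit number is the decimal length of the URL that follows; a file downloaded rather than saved carries the mark in its `Zone.Identifier` alternate data stream instead, which is a different check. The parser below is an added example, not Triage's detection logic, and the sample documents in it are constructed: the content of the submitted file is not reproduced on this page, so nothing here states what its mark actually said. The length check matters because a mark whose count does not match the URL is not honoured by IE.

```python
import re
from typing import Optional

# Internet Explorer's Mark of the Web in saved HTML: the four-digit number
# in parentheses is the decimal length of the URL that follows, e.g.
#   <!-- saved from url=(0022)http://www.example.com -->
# (assumed format; the file analysed in this report is not reproduced here).
MOTW_RE = re.compile(rb"<!--\s*saved from url=\((\d{4})\)(\S+?)\s*-->", re.IGNORECASE)


def parse_motw(html: bytes) -> Optional[dict]:
    """Locate the MOTW comment and check its length prefix.

    Returns None when no comment is present. A mark whose declared length
    does not match the URL is reported with valid=False: that is what a
    hand-edited or deliberately broken mark looks like, and IE does not
    honour it.
    """
    m = MOTW_RE.search(html)
    if m is None:
        return None
    declared = int(m.group(1))
    url = m.group(2).decode("ascii", errors="replace")
    return {
        "url": url,
        "declared_len": declared,
        "valid": declared == len(url),
        "offset": m.start(),
    }


def classify(html: bytes) -> str:
    """Three-way verdict a triage script can key on."""
    r = parse_motw(html)
    if r is None:
        return "no-motw"
    return "motw-valid" if r["valid"] else "motw-length-mismatch"


# Constructed sample documents (not the submitted file).
SAMPLES = {
    "saved_page": b"<!DOCTYPE html>\n<!-- saved from url=(0022)http://www.example.com -->\n<html></html>",
    "about_internet": b"<!-- saved from url=(0014)about:internet -->\n<html></html>",
    "bad_length": b"<!-- saved from url=(0010)http://www.example.com -->\n<html></html>",
    "no_mark": b"<html><body>no mark here</body></html>",
}

if __name__ == "__main__":
    for name, doc in SAMPLES.items():
        print(f"{name:15s} {classify(doc):22s} {parse_motw(doc)}")
```

Run it on the submitted HTML as bytes to recover the origin URL the page was saved from; `about:internet` is the mark used to force the Internet zone without naming a site.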

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c52492c9cf6985abc1648ae3d01be898_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1856
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1856 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2808
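
The child IEXPLORE.EXE above carries `SCODEF:1856`, which equals the PID of the frame process that spawned it: that is the normal Loosely-Coupled IE frame-to-tab link, and it is the relationship in this tree worth checking mechanically. The check below is an added example, not Triage's logic; the first two process entries are taken from the tree in this report, and the third is a constructed entry (not in the report) showing what a tab process whose claimed frame PID is not its real parent looks like.

```python
import re
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class Proc:
    pid: int
    image: str
    cmdline: str
    parent_pid: Optional[int]  # None for the root of the tree


# Loosely-Coupled IE launches each tab as a child IEXPLORE.EXE whose command
# line carries SCODEF:<pid of the frame process that spawned it>. The check
# below flags a tab process whose claimed frame PID is not its real parent
# (assumed convention; it matches the report, where the child carries
# SCODEF:1856 and the frame process has PID 1856).
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def check_ie_tabs(procs: List[Proc]) -> List[str]:
    findings = []
    for p in procs:
        m = SCODEF_RE.search(p.cmdline)
        if m is None:
            continue  # not a tab process
        claimed = int(m.group(1))
        if not p.image.lower().endswith("\\internet explorer\\iexplore.exe"):
            findings.append(f"pid {p.pid}: SCODEF-style command line from non-IE image {p.image}")
        elif p.parent_pid is None:
            findings.append(f"pid {p.pid}: tab process with no recorded parent")
        elif claimed != p.parent_pid:
            findings.append(f"pid {p.pid}: claims frame pid {claimed} but parent is {p.parent_pid}")
    return findings


# First two entries are the process tree from this report; the third is a
# constructed entry (not in the report) showing what a mismatch looks like.
TREE = [
    Proc(1856, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" '
         r"C:\Users\Admin\AppData\Local\Temp\c52492c9cf6985abc1648ae3d01be898_JaffaCakes118.html",
         None),
    Proc(2808, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1856 CREDAT:275457 /prefetch:2',
         1856),
    Proc(3120, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4444 CREDAT:9 /prefetch:2',
         1856),
]

if __name__ == "__main__":
    for line in check_ie_tabs(TREE) or ["no findings"]:
        print(line)
```

On the report's own two entries the check returns nothing. The generic API signatures listed against these processes (SetWindowsHookEx, WriteProcessMemory, FindShellTrayWindow) also fire on ordinary IE frame/tab start-up, so with no child outside the browser in this tree they are not on their own evidence of code execution beyond page rendering.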

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199

    Filesize

    854B

    MD5

    e935bc5762068caf3e24a2683b1b8a88

    SHA1

    82b70eb774c0756837fe8d7acbfeec05ecbf5463

    SHA256

    a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d

    SHA512

    bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

    Filesize

    1KB

    MD5

    55540a230bdab55187a841cfe1aa1545

    SHA1

    363e4734f757bdeb89868efe94907774a327695e

    SHA256

    d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

    SHA512

    c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    1KB

    MD5

    b9e7bf2ed18a6d830cfa58bb70fe42ad

    SHA1

    ced89b679d474a85c77314602abf8361a7bf895d

    SHA256

    858b45c98608b511b87d2786c7acb8f6de6a027e9dd840bcb675c8fe16b66fb2

    SHA512

    20283db73d9f00f5de9e81d6f437ff1d3e1f0d2e3a585626327e275e8b93d1644aeb3dead5bb7741a46de57b2ccabd355ccfee9aebc4d9eed42ba6bee77da68b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

    Filesize

    230B

    MD5

    7f6260fa3fc8b8b0a706cb8ae7842916

    SHA1

    361f18cb8f62f36cf29694f26ef15cda2d4d0bc6

    SHA256

    50a7800e13670ec4848c903dbf2c10920e2a035a9ffe8a4c971bc6d34f16ae05

    SHA512

    7a8a710d9b21c05422c7722ae5ea1828679fb5df14e8c819bcefd3089f5a560895538f3ff75745c6fca6481e02b7f77d5e2db79d58f1707b040bf0d71c1ec676

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    96e4334045aa2c0449645e5b6ce9efcc

    SHA1

    0c2940f32d1d0bdf1470c39507a4cf4d10641de5

    SHA256

    7025d13a424c43ac9640ad6bc7bb938227aaa6edcf1e3d0497c754580141d633

    SHA512

    5fb4999df8412a833dd01cbd41e3aacb0deb696029e5b4aa4cf710900fc616ad36db1c5579cba68e15e37acefc45cec3dc677c07574678a6bce743e43af8fde4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c7540f048325cea855500860b45463e8

    SHA1

    858caebd1a895fff222199d4f24f18b8c15dc9c0

    SHA256

    5243ad28c9f358165db7b0876e8e8a2fe273bbc6bb57f1981f24369974171a88

    SHA512

    5a85e3afb6ef3da4429991982deca79c382192061752176d22f5526e8f2742c2a24ede71dd0adaf60f4c838c3a2f444e1317e608df33325b3bdef4c85e392ab0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    85f76abfeef75ce245fbf242215adb6e

    SHA1

    9d54441571bb815f06dbf568760a7a4ddd0d085f

    SHA256

    72b1fdf0403c96b80dc1339e32bcacbc96ec6b930af3de84214a21e4d8fbd2f3

    SHA512

    9e00f6337539a2980777165db053fe595aba253dc40bcd3d7fc11a1c30c69d2d119c614cdd296a52b93919a62d70bfad61c34e611971a0f14421a32c2f14fb5f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    198a0753dce4ddd8fa22e637a5039d17

    SHA1

    8613144373a2e71eab1d5c15ce85fc18471a8bc0

    SHA256

    67b20a64f492858ca1ef3d6e0d6cb4484638b696cfdd06ddcb58cb5eabdeac7c

    SHA512

    59d18a61fd338cd9a2300750671c5a5be6afb16be7ab7ea3eebcd180aadc7eae647237d10e8a5c18d20003baf64b3076feed9f2146ca5ac942581f1a8f316862

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    808dd607e8576e028ae55b4c3f939174

    SHA1

    59b1553a068627f61c2d7d38e216080d2c2878db

    SHA256

    573f8767747dc152693b14d4754561978ff58cc2692491496452a9975fbdfc0a

    SHA512

    4a50bae581a99ba2833aacc6a6de4e85c9fa2536004e1ef2d3eb22cf15733f2029e573c7ddfd793ff6700bd865d6912d72e371a94df6fe91abfa6fe60903324f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c400db18fd3d331ea6862bf998502881

    SHA1

    87bdeb4c01856fa1d875a51664e62623b9121eb5

    SHA256

    0af88f995c496f8b41630c496ced14a627cca81055dca9006e689c6fce1e0d24

    SHA512

    e0cf4e6dd50ccb4cd2dc71e3dc1502a0d971310ffebf9a04177e59202bc1eb38a23ae1c985c6e95e4073e85c53fe57d039554d51e5ec3f2ec6c8662179cd3601

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    998e5e1d396dd7babc1e06cf8f853113

    SHA1

    c2802a1da487223485b255a2b30e7a2f648a18f1

    SHA256

    b6f50f50cc76d0d8e4385566be6f11039ed11e14c6e42b4dad274c45b2766bad

    SHA512

    05805123b4a6eff99421a1ad0cd3b9b2b90235d4b9c0ab623be6e617d03b2b04eea436206b1d219997083de9b8a5a0221de3c343b5d3a221fcf69132942049b8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2bcba6730242d590b6e61c6f488754bf

    SHA1

    10028040064dcd27c106a013b30edf611b9c9272

    SHA256

    6e9a8d13e75c0a03c9940fe66a9421081c08ac06ac9765047f7517cbaa783b31

    SHA512

    e4abb7561a1182ea7580277bee24714d434130a6d23d533812ae0438176f197d5439f8a52551938334292a7c80ec8abeae87b0db75214afa43ece3617d478d48

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2163d752493dff777421318bcc6438f3

    SHA1

    1d8c2bf3f8853e9feb51433581ff3b5f3eeedf0d

    SHA256

    46ea79c293f6e1b71e505c095ccf033dbf2d28e33165d0acc36009e5fb23e893

    SHA512

    a26a9b9a16bc9a74b4ada307653dcbe0aadf3925b222c69a3179af1ecdd60ef6403ec50b8c9c8b050e48c2f01c3975e6d11850baf06c59e962ad4ef8d3ca3f91

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2a76d39948ed294178a9d407220910d8

    SHA1

    75ee91dc588ddf332148bd5b1f2e36aca1e2e382

    SHA256

    e2c88b234e485cc9c71f1a8ea76caf378c1e307bdb00f97b732b361da410c832

    SHA512

    48e03d317fd96a090364272e88ea39b3b6743982bc22dcf118b2595be7d0ac7e74b324daacab578c74dbfdcdd49e1cefa117fa6b117fe8f142c900ed3e43574b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    04423e0bbb94d1d6a43ce4a6e0ec569f

    SHA1

    30bf63e7a71cb4fe5976e0ce86462294be76ec49

    SHA256

    a1dd1a9cddc304388c8289226b0c28e6481e68dae28ad2cd91aff2b0c9084edf

    SHA512

    a9dc20f516c345b93a7b732d85c61e0d4af46eefe399d046cfdf345077ed235e8e7b490381b8f99d7eda995ad0f7828b057a6431478aeb62bf1ee96749700284

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    450b07773ba209e9a98453ff5edb95db

    SHA1

    45e1822953c10e9855e5f24067985902a4b04659

    SHA256

    b40f953cc3ffb4abe5dbdb55ffeea24891e9047b5ab4d1cb748bf0cf0b1aad9a

    SHA512

    0c82a4951ffa7bc135ff6abf2f5953cd15d5fe38e493ddc209bf23644eabb9e1f4088eb81116ed833f5a84f4c921c559dd7b4e99287043a08125510c2da70681

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bfb6a14f4de58a12152e43135200ef06

    SHA1

    1c048717cc95dd728827d9d49709efc8d5d21f9b

    SHA256

    9dc528bd99c94176ad37381c15ab629c1df14dda37846f486a7dfe2560ffe7dd

    SHA512

    3a7910be73d8ffc79b5d44359c9b05f93bf49f670c0e9f3a710d9c8329b7ccd1635cace702733f843b43bacb2a52f2da84a676254924a0a23fdf253dde70b685

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2947bd18e2e5679d1ba6c305d019f2a6

    SHA1

    a03d46bf72bcc16b1d0189964a261efb75ed1a55

    SHA256

    630181e28690af8d16b2662e0120623a295cd9cb440de3e631c43061253cfee2

    SHA512

    d210c85528caa41642993ed121e128627c8e7eeccd4e6df847731ac81bd32e8aaa07e439535c0eabaa83f892394b988d408dba88200681e84e69778784fe2937

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0c93eb1a78ab0a2b170ae7624723b408

    SHA1

    351920bae0214913c6eac8353462417bdcaa384a

    SHA256

    66471a0ddff3abea4585e8a2110b67fb998531d447271f09456b584154eb2862

    SHA512

    9f0daf863801e03a76cab5d901d5b6179b9d064ad89462446f5497c697ff5e83ae73a0145cce5107128f32f490de25d7c66ba6129f1e1b9042dce2ad706f6834

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    25dae523db17ec6d51b04a2de20c3530

    SHA1

    c5894f7c8cbe7370aeaa80ed3b29b9595e8e5df6

    SHA256

    0fa441702124643a19d963b71aa1d9bc615740c200843f9ac425713f641a81d4

    SHA512

    a366180589409699ac4710745eb79c7b192c39088374562e8f4227b78241f32af6f7f352f6a4fb4c4c657bf008528f92510995f6daf98961541f4ab16cebcd22

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e6f68c37136765fefb6b983be773a545

    SHA1

    f0dac8fca2eea1d984004554e3c54c19649397da

    SHA256

    5f934a2304e1cd31a7f6bb9b4cd8902486dae5b01dd70b0eb3926cef1a4ca520

    SHA512

    a8697ea13f9058d57597c701d529648f2bddd375e793572db6a8cbe634472e1259028ff83d7811e95a923cfda95ed9df533078fe67455a437f4d08b4a35b75bc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    45ced44614bc458785f41829392a1fbf

    SHA1

    8f7c332521c73e7e3a863ad8e169fb803c9a53e8

    SHA256

    55157762eacd889c7ece5a8948ef8cc4a00e885fed492dc59a534f5a6ef92379

    SHA512

    68d9089ebe6593a6dfdeef93ddc09f70f3646827eae2fcb9f6c6f481bd97ba823dc632726f156047f25b3a6d08df4bd195d1958244ae357cf9391c5281a92101

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0ff1127343584675423f68c9c002f54f

    SHA1

    52e9f8d8554a6e1c1b559950b34fe39951991865

    SHA256

    978826e26ee0daa642555bd250e1159371c2b3db7522b8f23bd189314710fb20

    SHA512

    1e973ca2a448db8ca9407c1bae7d62dc88e6beea796cf77ccdc945fa7a52eee936482dbfa4114c16bedd67e900ba8faa2b16946545fe3507128e3a1478f07510

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    60812769e8d7dd61be41175203d279d7

    SHA1

    56af8a0f7a9a05948f559269dd6bb8c75968ae2d

    SHA256

    ee2bf4e34c77c8757c3bed8460e05a76ee1dc18d5bc45d42c9afa445a7d1bd69

    SHA512

    6c1dad8f4fed26d7e380645bdd02673174d33928706fbb10006cb802ed501a4f6c31a2712cec89ba58cd8e5df906b4bba03f3c6a9c45ab9d968fd748da7906e3

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SPRIFH8L\cb=gapi[2].js

    Filesize

    135KB

    MD5

    cb98a2420cd89f7b7b25807f75543061

    SHA1

    b9bc2a7430debbe52bce03aa3c7916bedfd12e44

    SHA256

    bea369fc5bdd5b9b473441583c46b9939232bf1f98c1cedf6bc2241c4f5068d4

    SHA512

    49ccede4596d1e5640a9c8e8be333f9c18812d58f02b2b15adb54172df1387439e9dc5afc4ccd9d8f0f75f092318bed68d3cd577338e88ef4f9373de8a07c44e

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SPRIFH8L\platform[1].js

    Filesize

    63KB

    MD5

    9c971144141aa4a6599b9f0954210340

    SHA1

    e0592bc9344b1917a2f37f0b4d163eb2a73bcdac

    SHA256

    fd147b07bdeee3792d9bf29d77d72396488b3bef3c1ef3a185f343192db704fa

    SHA512

    a33736a08af2836d260a7f9a600ad495739addc2d33713f0d03ec6822ace95d64590cb75df9de7e04c4d55b2aa68210566d44c1718e584a9e460fe41d49299fe

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WK27LCMU\plusone[1].js

    Filesize

    55KB

    MD5

    950e589a42fd435b2b6daacbdbbf877c

    SHA1

    78dc5743d4b541018adafe3a2b49b6be5f1c7944

    SHA256

    c5e3093bd5e8a58f04846013ead66d36ca25457a0475c9c72d8cde60e598fc0e

    SHA512

    cf2aa139ee4c2f79ad5dbca6239e4d5179a21f54cf2c3672c45915b3282bda5f5fa702c241d3b5c02805cdf1b48427d34e86b627904055a46ff6ef11be2b2104

  • C:\Users\Admin\AppData\Local\Temp\Cab4221.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar4233.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b