Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

c798e0179a...8.html

windows7-x64

3

c798e0179a...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    130s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    28/08/2024, 20:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c798e0179a1b626135e620d85655a8ef_JaffaCakes118.html

  • Size

    19KB

  • MD5

    c798e0179a1b626135e620d85655a8ef

  • SHA1

    8952256acc347a324ba35303c39e71dd8328430d

  • SHA256

    c75f7ee314005dc7ed4866f7434209e1a8c82cecab063b8556270b1644cf3f47

  • SHA512

    2250c1f24fe5ed6838b9a48b57ecdd51c9b42e5cd24220df393a735f8852722c36648f0bee0fa94dc98f8ed398c1d91fae30a91ad35c57775853aa325aad8106

  • SSDEEP

    192:SIM3t0I5fo9cOQivXQWxZxdkVSoAIv4pzUnjBhDF82qDB8:SIMd0I5nO9H9svDexDB8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c798e0179a1b626135e620d85655a8ef_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1000
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1000 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2296

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d1da75b4d1492c1ca6ce5d7e9fd7486

    SHA1

    5df55c082cb701781410be87ce91f0899211681b

    SHA256

    1a062c6acb00eda0a9134a8af9acb5420506f461e2d27adffd7274b9dffdbabf

    SHA512

    656ce028ecb86c0e62b32f28a7b38ad9ba889868eb2bba4942f37e84d2a28e328d30955b5d49c4f3469e393804abc849b2e1da80ef65e2fea192ce1fe32c3e6f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4e6e107e0544b52868b72c0d5efee4d7

    SHA1

    8b64d4edd2c132f91b17ac5a10654e4fba27dd07

    SHA256

    2e60e69c6375e1cb577e596c0e83d3f4bd6c1acd4d5ed1cbd4655d35b7fe69b8

    SHA512

    ed56089ebdc97b40bf5995769e28aa797d5d1ec6c4b1aed8978f3732e1a23120bec19bd2755d0297b9ccbce77f7e282ce58b1a2b54f40e0f6713c9cc84db8550

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    512ebc6b78e755760e2b248a288a4d7a

    SHA1

    fba99aa6927f0d9c6b845d14665015a5669f1fa6

    SHA256

    913f8c3155249417f15c2da4f9d4c510f6c936df00dae8b24237a43006e7f074

    SHA512

    a4bc6f9d1a7e5aada9fb81eca12be212445adc34837a2382d4b6c57e34c1c1731482bcdb6ad28bc23939f3fd24b927bbd6869bb55483dd758444b545a01025f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    60f8806e39d985f53e6a736cb03d85c3

    SHA1

    a8379d5ab6da259ff872b41a887fb6276b897acf

    SHA256

    61f0801e0d981eb05e272b19d91f37906550f24472002c176f815f72190705cd

    SHA512

    e9c066304dd1935a0d542c722bd5e87c3b3d24ef46a303864ff759151653b2bc527bea45fa4e43d9f24609d4701640428bc26a4acb92a4449067da79fb3a64bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    396a603fecb8ec57373388b36f30c587

    SHA1

    363e718f42b5da773c5b4dcc5fe3afe1db30eae7

    SHA256

    47616d73d350b52a40ec52de0e53fe92f0cf10fd6e5cd346fa97ea2dd861f6eb

    SHA512

    d6641f7f7b7f4dd4edc8e6ae481831ea88f57bb245e9611a1e9c8f6419ddc2833a7dd9aaa0c21420934d2cb0c0b4e4a4d6d77c877d71f3ad838f45d1beb0249a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f5ae52adda015d394381c8d524d2e28a

    SHA1

    812e68a11215dc1d388f984b0e5d276a67395f87

    SHA256

    74b988c5327fbf3f67bab56325b35214b814902741fe8d25cb4bb2eb81f88f44

    SHA512

    d9c26a36a3a9ea274a046cd1f7397eaa425b74edb0aaf3de487ca9f7cc4c0931403aad080278d4ce2d3edde70d38c30526b1bdbcc151c65cf68153996fb04180

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    35ab31109d3a514130ddc962a7fdc030

    SHA1

    c30579df7ddf176d294db859c01ed95b52056017

    SHA256

    73ea3f492d2531cc9d39dde154338582505c947336ca2193bc284f142452ac86

    SHA512

    58bb931c3540ba998364c057e9d66bebe021976bc14536c00fc18764c2ee80ccd5ddeadb794bd662cb49a72e95bf6890f85aef5b2e960884b199552a81dc94b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d29863fd1e8adc316835caa8d3d5adc3

    SHA1

    2a13cd330b990d68b7803ff7bbf5eb4d7669f488

    SHA256

    abec52bfbfff37122e203ed4b6bd365aad9a7a03c229357bdb44469c39283fde

    SHA512

    ccff941a4ed81afbf5056804621486df421c1626b45a8f1f8cece01c88454589ded3a3b4fe8285023e220f6246ac379e8140fdd948e8e651d5579b7fae7d064f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bf7434f0b81f2536fec11215b377e5ae

    SHA1

    66dec5f2de5e65f6e5e12de488a60fbed31517cc

    SHA256

    3fc79b2d556677404778b9f5d47ef3e51cb289ea3503ce1427ce3e4e0f2be782

    SHA512

    40ee708b9e7896db50328a3a406315713670436127101c820cc78bbd35268f87c32480afbe823e277ff8457635d6813309bf4f0b69611a216d5c7a119a7d5178

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD7D8.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD84B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit