Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

c799748070...8.html

windows7-x64

3

c799748070...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    28/08/2024, 20:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c7997480702a3fe191265dc3fef822c8_JaffaCakes118.html

  • Size

    19KB

  • MD5

    c7997480702a3fe191265dc3fef822c8

  • SHA1

    527d2016264313b4d021eacf7245ded6aa569b7a

  • SHA256

    6d60529549444a31f94467593cf72e3442a7b3014f84109e1ebb2f3eac1a899b

  • SHA512

    aa3d01ed22766222658abed5d228cb526b3c632fe333e5fd104435ddc9aff1824428773b42530feebe020236eb5865aa4387c6a182857310076fe32da321c3fa

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAIb4ZzUnjBhb982qDB8:SIMd0I5nvHFsvbmxDB8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c7997480702a3fe191265dc3fef822c8_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2344
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2344 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2508

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9dcbe8e7137defe0aeb64c97c55242cb

    SHA1

    de21d2c9b7e30f60383953a30d937d897f62dbdb

    SHA256

    bad6387194c2f3727c4d4756bcd6717cfc9232b2f5646def0d0c61a1d49b70c0

    SHA512

    21d61040defd6be55566c10ec99ec3d166519c04f413ed236e1c510db7c877392c36964ddd8bd9d03762dea9db0e19ce126b22fb3673929def532d5ac6ce06ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    64cf56afb9092439154c083c76a38225

    SHA1

    582064264ec61393cba0348184eca6b516559c1d

    SHA256

    51462625e216ce487686117de617f3aab9b880760e4fec650495cfd4ffbcd92c

    SHA512

    b3b9f2b074bcbe15e20b32ef7bc177c2f179e9b062b0428be7c6e93055d6fddbbacde58cae33d36f27a500c2143f107eab00f153a9639330af0750c58260a297

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5bbdfec76d3599b97fb34a5ce3ad0665

    SHA1

    c6874589e218bca594c2528f388e2951dc76c2b4

    SHA256

    23033d73692dfeb44fcc347f4549146558b934bb5790ab0b8972f2e06677cc7f

    SHA512

    b5b0bd42b52c777f63886f69095ab7adc5d6e112f82319eb8349ddac7dfb4f4a79e35e4b204ebd2bad53abc8dfbe925564d52ffe021cf06a63c3bcaf5c56ea56

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    887b52432f386f6f694523f98a685596

    SHA1

    770f3b91f30c234b9dac3604bea0a9e3cd59a53a

    SHA256

    17eb9e4de8746ee82b6e208d725d478e224e910f188855f66498cd02a0c65e14

    SHA512

    e586a8c2c534b1cdd4e8256df66441d0ddb261ae17dcc0c5b477ebf803bcc61cc5f1b7bf398c75abfa880cc68f888ef3ccb55b806f70b44b0d8f1d0283e411bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    689eb942022a5d9ec1763fc96f448b37

    SHA1

    0594806d33ae8c830e07e70b0bac5485ae619860

    SHA256

    3a81efae484e04770c53b7a2ee393a3bf2d73f76948bad51547703bbfa839fb9

    SHA512

    0500a5a7db6f8b57e25440743831f34e820a5e3f8b57c2f68db5eb5887c93b792e450df2cf701f4c903d9aafec9ae1a364e7b9598d4483b446812e95fd5be1d0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    61c543aef5483a266db67c325efefaeb

    SHA1

    614f0d5e1410bdb98235e9e4ddce74e8e148046a

    SHA256

    8ed570386080aa217c669b20ab27a9a40d260d4650b8b4258421c8a3c79f5bc8

    SHA512

    237d4cd58d2427d91f3690dd29c350ff8d386a6d0ba6b6223c6ce970fe436f907d99a852883eed58e06f37906d607e999b5d732ad0a35eb284eb1e75e89fff7c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b24282788acfbdd85951a843d499e5d2

    SHA1

    20ce7b7b9076adf91724f3debb5feef20d43bead

    SHA256

    1758041d2b516ed05e23d1da024dd12d3058ad1e73348efa99c3ca4deaa39b19

    SHA512

    6b65dde19ecccb18d651eb6337ec666ece3f36f48b2389e5294e4fb135380262771c699054dad1b54e0348f152e90d1d67a06329c0a612d03c9aeb47cc79a1a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5aa7e73855f36a3911710942dd97f226

    SHA1

    a3e6742dea71594ac18edb0ccc5da7db3d203a87

    SHA256

    53b8ac403c13bf3c5ca7ab180970cb27198fac3f4dbfbe0e3c62309a032b5f0c

    SHA512

    2896e6bccbf3c211e3d2971c9d5371fee7bf893dc8fef6e878e15e9287c4a896c6dbe9817d51e36922abfffa8822c6699301c13fcc3e6915130d20d081fb2659

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    56dc5b67dd6a40df3cce082acdfe928c

    SHA1

    90ba48f08a4c902e6bb857c26c8beb685a98da18

    SHA256

    04aafbb7e284507e028492c9961a4542e9952a7d4329165dba1508ed8a857aaf

    SHA512

    0c4d9a88951985a15f2a1443e4f111506ac33b4cab0334b07ff802ca70be84fb9f77f176b829b0ad8bcc147b9993a2e175ab7aac19a5f3d3f77c9f94e02e3267

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8D53.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8DC4.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit