Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

c809b181e0...8.html

windows7-x64

3

c809b181e0...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    29/08/2024, 02:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c809b181e05f5628b0e3894408b3a4dc_JaffaCakes118.html

  • Size

    23KB

  • MD5

    c809b181e05f5628b0e3894408b3a4dc

  • SHA1

    357f4b981c645918d43fd35b7320b79cb8a1aeac

  • SHA256

    15feaf5deb676598b3957c10efd3f685dd2176788d1c7c1e2eff32594c15f572

  • SHA512

    e79f7573a404cafd8db6f5f0a6e192d518fe236a11a6aee2305a33a01a238bb715ead1948242e1f3f8adcc18d52b155674119465adff93ac0230f87cdc7991b9

  • SSDEEP

    192:uwzbb5nVmnQjxn5Q/onQieLNnfnQOkEntc+nQTbnZnQtBXzvMBrqnYnQ7tnAYWnn:DQ/nY1V

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c809b181e05f5628b0e3894408b3a4dc_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2536
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2536 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1496

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8104f893740d34c661662e5e2b0c404d

    SHA1

    52c6e9e440fafce03dc488d7d09f4e436ede4433

    SHA256

    7eb4f811718deaf6bb71dd68cc4bf3546e323e8af51eb4b0696fb2048fcd2020

    SHA512

    87bf2ecd143646e4e9280a4b3e8285ad084e775b537c32c3587397e0b44687361d48012626184ce231176e248606b96af297ec952184c63b27d72b86ce29e4ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    88f89e5e0ef9ef8c9beff0be857e0b81

    SHA1

    0c70d486055fa9568e6f091b8a5ace7f7bc0e758

    SHA256

    d86da0513aad5a66569299506b4f9133b24bb3615a609026932e2e36ce02bcf3

    SHA512

    71eeb0b7044659d33962373f55b174ffaef77d2aa7bb10534ac446f5ffe7fe1f7ab7183a3977ccf32e1d14741b52e774b70ff9c972fd14ddbca5eaec37b182a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    61c413b8aa07a152b34686da28d15f26

    SHA1

    fe89fa95ba467ca155c5c0cf493e7c4313fa7ec9

    SHA256

    ea5d2594de225381c2d916bb9b81669c92ebc8693dcdace84b35681f4bf35ce3

    SHA512

    eeebfe042450a971a7679957c658df47e20cd2a40bfc3e95d77f6667b3a7a10e9e3c5473304c06756c90786a9773c71d1b7ce9f9184fd82630211505e94841d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9df39d81537be9a6b42f28434484c7cd

    SHA1

    0e091cdc8bc586d9c518ed27baeba8d18c557cfb

    SHA256

    e8410f927120ab375ade0b6e1070d3d7cd1138d8d14647990a1a22cfbef05f81

    SHA512

    ebe15f2dcdbe36b2fcced410b5783ea915c58cddc7ea47501d7cdafbe52bbb16acfae05ee649307876d0170084e85d10dab6a1eca83e61b461993b545a7ebaf7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6def8e12a70bb050f7d20a9704d7311e

    SHA1

    969a2167e12b787c875f01d5764f60b37eeb2ab6

    SHA256

    d51cbefbfa3bf641519ddffcbfbc213020b6884f770e874a1b45486356a9f362

    SHA512

    6759f2ddf32ba3956669ce1da63fc2c05f61ca0e5f9b426dffa5cd7401765f08152d74792fc96a08829c3b9e7aba398e4e25e88e136066d286d017b1ebffb56c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    925e202848202debd9708060a3b92592

    SHA1

    591f5424b44d90a177c0eb47dcc90c41eeea5649

    SHA256

    f2675c056b9390e5baab201c8d9b5b650868092b61f3efe9d9b7e51307d6a1e2

    SHA512

    8fa2905dab953f9bca0bb41a602a1727cacdd094a5179f8f85def92b0a193f10c3835ed1645baf50b5411150763214d9c7a8f836b923130b0448d8f692ff7e48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5c9362eccd843ea5e58c42cecf9fd334

    SHA1

    898a2680080e7ba910307d801e4bd51474c28d94

    SHA256

    1be938e1ed67f5f2f3c06185ddd6e67f37386ea20f1aa292e1f1e77179c8034b

    SHA512

    a28bc8018e53661ef98183444e0ff22180c0333436580e83f1186124d2e42588b0f62750b64618067dfb57a3d64d81c477a043628fd5fccde0c2c6a4568a6b49

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5d71824884af671348e5cc18d10dabfd

    SHA1

    5e1ba6fa1e7cf985e88113b3911ee0bc77abcc3f

    SHA256

    283077edc4b3fd42de0c1debdd1ca97adf71b9bb2875d70cfb957614fc7870cb

    SHA512

    4fa33e152b3317c069449bc1c150acb74c800f9163d4ca0608e2e1c9cde3356c7b448eac4706f1b5a4495bdee6f46b08d451e290106917ef7cce4259e83089da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b7741ff89631e0a7f39bc7d8016f4789

    SHA1

    f821f38aa9091b36ecf14efcedb4e6f67cfcb95f

    SHA256

    5913c33dd5f4af82b569610343211c6ff72f9721fde1f9e8401c54af2b7ae62c

    SHA512

    0fd58154ed6c4956fe51aec8097a5c8018054ee8484e40ada605b46520839cf2a27c4b70c02d3fe94962082c33e11873e02cf31b1f2048628942f9f286b899b0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab95EB.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar969A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit