Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

c8ea44ab77...8.html

windows7-x64

3

c8ea44ab77...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    135s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    29/08/2024, 13:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c8ea44ab77644df50bbdb2a628c6b434_JaffaCakes118.html

  • Size

    116KB

  • MD5

    c8ea44ab77644df50bbdb2a628c6b434

  • SHA1

    a8c2e95de5196c1a36583ae0b65ea21c013933e5

  • SHA256

    522667b7dbe7b33e9ad0c27d09478e9c6aea3e519f52148ffa8f422c76744f6e

  • SHA512

    21848a8146ed54343709f3e0a47fc1bf79b41f0ac29ebbe87ada29fee3b85425a2b13ffc1d962710daab4bf1d12e9a120b582f6d87cb019b831417bc56da6bfd

  • SSDEEP

    1536:SvsyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusBTOy9dGCsn:SvsyfkMY+BES09JXAnyrZalI+YQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c8ea44ab77644df50bbdb2a628c6b434_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1732
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1732 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2180

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eedd2b3d2953473a1ae1659e99d5c5c3

    SHA1

    635454b41f27149133424b0587725a71dfee333c

    SHA256

    d955afd4d0cbc58cad17fd7b3b191d625c49ca0b08da9825740e571067e875cd

    SHA512

    2ac128b4f905d33ba899d14a30fe20cd9d32d4ade81ffba585c710c57056e99cdbca98f0ca0ff30fabebaba7d4c64486ba30300b246beb6d3f850919079ff432

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a6eb4c3b15ad54e8a9af5964eac78390

    SHA1

    39677c341eefd8c9bff43c8f9ada20061514745b

    SHA256

    6531d25ced33bd4c0a42d5df6e4b0d810dd827a8be6c5127ddb8ef686d078e9f

    SHA512

    276a15becb51ca08716e7a6f788ae245503a4ebe6871d6b7ee58eca227e6d6cf8bcd2202cef508e90ac8a9083abecc884f85df7cb02c97d5f719a878662ef3ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6179238b23821d2ae5b0b346be85c138

    SHA1

    3d15fbc0d2f87af169bb502c8489bb0f58e12f13

    SHA256

    79523f03e356bf136dcafae4c61f063cb6a64f7d1176a628a2eee94af78e158f

    SHA512

    4a3c7eeb553f2a558c93b3c1a33e3f258acdc8090ee28aae2f9eb7a4f53a7a72cba6aeb64ec1d47c6da8f19e365382f52398f85801316933af491cfccd97823f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5e2f453fb72669fbed94763bc209d5e6

    SHA1

    3133146e5c81613ad6ed6e052445aab5b99696ed

    SHA256

    ffe7e9b4806c208375a1c2bc233da6b98c55717d58bfa5805fe565ee08722845

    SHA512

    e610feef96ea4d5dd9cb78fa2cbdbf1044be540d8ef7828a5110d72757800ffdefbff0f192e603731e2eec71a87cd56e8e78f5620a44e052fce64fe2ce739cca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4cc2b384893d916d52e1432aa686474d

    SHA1

    ad8ec108309736c9568146fda8f9785288c455ba

    SHA256

    764a825196d02bbe6f7f7508c6893fb9961484e33b6b539a7368860889b3999e

    SHA512

    90ac558d68accf423479ab886d9d45ec7ce31fbe56bbb4a9c1871982e29e1fef781ae52425c75cc0fc3403c3f816746002c8a31d9abe46ce6e7c4339eb40e8b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4142e2e4d118f29c92d34f0d12969318

    SHA1

    3e76cc793c8684debe9d7b5bbb1be3408833b0ac

    SHA256

    c9d693d98324c4b1bcda85843207d431d437b112580882ad8468035ca7d829cd

    SHA512

    2d9f8d3097e64c3820d4353df5f9ff585c64e23627081670013a56336c6c113a078f3efba5a9a3a95c65aeab44994bf225c28fd58e56bb87ca903c2d26da0b31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    84bf0f013d5322060bbfef7f925c8b38

    SHA1

    a413132797197d958d1ba0e6bc03ae87062cdc25

    SHA256

    53e3af5bf562457148a28f2aa934908b955a5399886372efa15141e894522797

    SHA512

    614f3ec7bbe1b7cac41fda8d49400b65e4edd27e1166acb78108d925d2273f97c72f3f0fb2ad67dca23800625519602b069dd32d4e86b9a5e52d92e45623a4aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    52b67a6dea619caeb3fab1ef6fcbd3da

    SHA1

    8464c48c97e01ad8556a42d85c26f9f42faf7b94

    SHA256

    36934ffd94c7c6ff522cf2a4d261d8542eaa81bb2337400ea7777643c60af4f9

    SHA512

    40511f7b5565356c83cc5ac8007cc70b64745bbff830f8a6d854dc078ab981465c50905bc4bd7e58699a74ebf92b047f7d9bfd2fb5853cf4362db24f03d432aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    48986162c024dda19615f26d62ca56d1

    SHA1

    e54f7da95b5a66c4f35908962583969b8ed1aa4e

    SHA256

    1b51d63f903eb2d5aef25707c8961b7d13be30cb25f2319c4d79758d16159334

    SHA512

    42a3fc02894cee1ac1b897e835ab8304b5067fe7df3682cef428804b6669c0b4bdb00e292d6690fc2ee32b69dbd809fd39fd44afbd4108d014d11ed9fc11249e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    89b9ef2dca7cbfca3f6d48ff0231f252

    SHA1

    4481b8f5d2675d4ec8de7ddb3b8d3a0d94f354c4

    SHA256

    3a51d2977dbcaf2c687e35a5ddfbf92f89b82edada3f895387e6b349ff9d4946

    SHA512

    b243bcbcaf9c0b224cc2149e46215053ea3906715c5039f3a9adf81015337b2591092f53ab6573b9bc8237862f575a26aa4f2878a569096a73081c37d3e8c8ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eed093cff03d8c2eb2e8fd97942ad18e

    SHA1

    2e4eddbccf3aa4d534139f8f13116752e8e540bd

    SHA256

    2a9a33837a0d46b00f535f6a7ce573bf29db8378adc2335f639c0660d4f76b02

    SHA512

    eeef68f9787d00f20ba0618701f0193a4822ce5a2063b087b59e0b22e9ab8cc9b1e9d423db6e771c1e70596e1330f315e2be135f5e5642d492b941cbbc1f29ff

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab604C.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6204.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit