Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

c9540d0beb...8.html

windows7-x64

3

c9540d0beb...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    29/08/2024, 17:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c9540d0beb680d0861340c26dd066eae_JaffaCakes118.html

  • Size

    29KB

  • MD5

    c9540d0beb680d0861340c26dd066eae

  • SHA1

    497e7eed1ebcf450b0402cd84fb9f3c614081cdc

  • SHA256

    c43c9bb827c45b68b787a3468e9378e3265e22ab77ee3622f43f72005930826e

  • SHA512

    d1356bb305a7ff3fd0b6f7f78d2f2d975e2e30ee7c7beadb6431b7f811f1b327021c3ea2a2f63a59627198a71d215c0ea80857c75de5fce4677499c15125fc41

  • SSDEEP

    384:mkERvLICNRql8oAMBCinUVp7Q/nxw+Atf6hJEZxZ1xZ7BLP9QjfkiscvWOT6Wrtg:gD

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c9540d0beb680d0861340c26dd066eae_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1456
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1456 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2944

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9184176cc6695c252893e8d5022ba387

    SHA1

    675c7e06e162af1cad251629701c87643f10ae8d

    SHA256

    8e620fe27107d9decac19b1f643b6d90510b482481f7d92956699b505470d147

    SHA512

    6cc3d7bbb06bee5e7a1bf916948d3402168f2a0e7dcd9a54a8fcb197fbcc7f6075e5fa2b384c13f93a801c508bd5d54311f9073d9e4cf74bc1c5de377effb001

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    23316e623eff26223c465483e028a11d

    SHA1

    e4572dd702dcacb22e6f6a24984b9afd577c3e0c

    SHA256

    df7e81c90c440b2b5105ee78846582df6ca79996501af7bf23e76ec82c8a2cca

    SHA512

    100ba4047fd82baf9927459b9e6f3890bcc8c2a58cad57d83a4a61bc4666064994837c508dfd0f9800d60fdcd866b9074c4937fceb05927e58e840a515a40927

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    11c7d68edc1a4484e919fc3b2d46fd61

    SHA1

    b951b9c4b137b96f58af71d66c3792625f5a4732

    SHA256

    71e07acbc356ccd9e6f2fc09a0dc8e52d2d27eeb95f4ce5f8e56097b51cb3ebc

    SHA512

    fe4f95c7fe645ea9cdd45a5100261824a0f1e4230c8dc030405ec86572338820a5daf25e25a6bee91296dcbc590af1d61223c1d1989dccca68b78e2b4def5436

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d19f17c7ffa46e0eb7d4730a50686b2b

    SHA1

    454d58d57861bfbb21f068ab119f6741546d82a5

    SHA256

    59c6f5ee07321112f50fa5e40913050817040e1facf5512f9d9fe4cf223b85ab

    SHA512

    02c6d55b6e59ccae3c0fbaeb35e2c3b7b85d6d6d6ae2a4c380fbf2f2e4167d2dcec4f4cfecd6c134f6fd37a11e6f1c323b725b5c84a2339035c94e52732a9fdd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9784349b746175b7c440b390c4132512

    SHA1

    f7195a360fb6d40b34eb8478106601541e88244a

    SHA256

    65b08a170b47a33a6bd7af6fe16c2995a6caef94879acbac6a44db549814c3fe

    SHA512

    ff11e6a7b45731ed5d6b156aead19c9eecd49f4c6834dcacbfe55bca096d01fc98b93061f67b5a47081da162d4eea24fe69572b8cb5ba9242c5b5c0d1d1cbb5f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    02c990983c3c1968ae4db260be3e476a

    SHA1

    b667c95183b8d479070e873c8b326404d235df37

    SHA256

    e0fb50eafcabb0ca72e94197532b11a4ad134432c9fc4f6d6865c16c9daf9451

    SHA512

    f5c77e40e72c9c93d343a97965639d7fcd9dd9dcf9f8f6767d62a609786db2d8a20120aa87a462aff1520a164fcd2bf61a7379ae992d4537abfb15763e6637b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ef9391c141a70e864912803d76ab10b9

    SHA1

    b3e98df7ebc345262b231895cd3e527b75a66b12

    SHA256

    77384084b300246c3e319346efd7f51a12cf62728c3638c735ea8523b3e222b0

    SHA512

    bbb26f0366517eb9da7052fa77c680d78fffb7f5ac377bccead7390f0a45a7f7e3f83cbd943b6894665e4316b61f84be96d037b4d569ae29ce4a60cb0630ce95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d6ae7988417d26ea183ad8ade5d994f7

    SHA1

    4ca49348e7ce0207292bf05fd01c8378b4e33287

    SHA256

    45e4b2e23d182bca864b88ed2d5602cfdf76a6cd0440bc1cd3cb08d580fc0150

    SHA512

    74b3091902c56b5fb167d7cd386b29667fbc22700d44ed7914dbf1976710df0e6b2de5adf0cc2313fd30f87c3708447beec2acb16a5f3647d9469d2357c4186a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    35946649f8b9ff365bb9574444ab94cc

    SHA1

    c551a1d6067e6356ac2088f5f1d291bd390102a9

    SHA256

    4dcec9a76113b4801e5fa01259ba35d4bd1c190232cefa603b0cc1e2008caa98

    SHA512

    b5b32c2b2c42610662650f1f6e07b0889c02f224ecb0933ff613d3064a0a7c68841d9030fc5f486c2f10c5f2741c783ceb8d97609560faccb1d0e8b6f27300ed

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab34E8.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3548.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit