Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

ce62b2ba35...8.html

windows7-x64

3

ce62b2ba35...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    72s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    06/09/2024, 01:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ce62b2ba356a0700d6220b0b26af45b2_JaffaCakes118.html

  • Size

    37KB

  • MD5

    ce62b2ba356a0700d6220b0b26af45b2

  • SHA1

    9b8fac94347f7d2be2d6641534f2d28a15db9994

  • SHA256

    04a5b268174996721197b32acd064bd0991188d218138d428f456b43f5ad7e69

  • SHA512

    7aae7f0551945923bb7bf683007801678a567fb72712d8f9ad05b90ac84a4667d3be3e02b2ebba186b00171f35d59908c0533b689b79103006590c9564cda999

  • SSDEEP

    768:8uID6GcD03X7aPUMO+DgS+FTpjLV9Ejx8/:sDhcCqfg7pjLcjx8/

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ce62b2ba356a0700d6220b0b26af45b2_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2220
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2220 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2592

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    64af8359d4cf02994ba36bb479836d37

    SHA1

    de9496b01c33e5658726ce5280a772a6d8ace8f6

    SHA256

    7c7926f4b7ecf4be6de230c425c3ca6dc9e2c013c9ee269f88443342d38ac756

    SHA512

    752f2b7e64c7b741fcee4dac8d6b7935fea8a17499387414e5174bd2b774e8150028c7049bb9636d0c9e464d918a4aed05995592c11af5148a7533d632dc969b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f2c962a91b75de2b1eb92a99759e8c0

    SHA1

    74a08ab0caa35ef5c4edec13ede6048ebda9d0f6

    SHA256

    69b2d2592a3f70609593281c1dd56b034d49153797a406439e88346aae40eb3a

    SHA512

    881c0fd8fee2f93b0b2b740169fa30cd5a6ae58e9cc7819e8a278b40f9c511a03d53afdbb7449b7ff3b65a264f7140bbadbd2c875f2b8d8bbae55c87a6e09aad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    44e9cbbd111bf0027bd3302a6272464e

    SHA1

    fc80b1b30f5cdaf001e652eca8aee522238337a6

    SHA256

    376a6625bc24f694a6edae8951eb58a5ca8bb5f4005d3a2b036f9b6f4ac1f26d

    SHA512

    7972fbd4fb670f06317d090310cabbb8be1d2efd169b841f0ce2c0c32fab67c66322445e0013e4f502a932da567ea544da892710c163092aff3fa943a11955b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f9b1f4373cfec85ceafb4588c4f4031a

    SHA1

    0194a3eab84cadbe70963092b9960b66d7f3997b

    SHA256

    6384a97b8a94753dc35aa478fa97720297233576b9b47ec5837ac294da7021f3

    SHA512

    74fcfe147fc862489d4e915aed664d82c430b804e8ac918d17191a3c59310804dac2b0e2e8ca9084475dc888b722dc00642c802c714ae55cc74f911b1a60b0e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4f4000e498ca4252768dbc0ef8aa21db

    SHA1

    025ed5d48a5cd709ee0fb959f23c5b8ab63ed538

    SHA256

    c6ffdad3a300a7922531fcc75ce000c76f06e86cdceb86b891d346a2f401ddd5

    SHA512

    02710da76ffc3a8043560479a709a819e37517b36671adf1152142a93c1a5b7a7b1b8f6c4358cdf3bfe2e5fddab1479639fc5e2f0d473148e5435d5c9af72f0a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    93c97fa1a37cbd36768aa71522fee686

    SHA1

    bc4b8b8c87275a2bcea8d3b56d10f8282dfe6141

    SHA256

    92c7aee4b4e562992944f8ecbf1eeca99c016a43aeb931c8ed82f40edb39cedb

    SHA512

    56ba79c38b9e0c38d20e2663fa6de9473d390a60968fb0c6dae9d691a2d659c162b095165faa3818ec407c87580ffa386fdbe3fc83f31ed58805036445885eab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cad07fe8a975691e01c0e2e2d6ec6375

    SHA1

    ea43c288ab376f51f4b4b82210970531476dba78

    SHA256

    9936b2cc3ed9e34bb1ba9f00b885a6f54f10dbab9830f001a4d1edc0850084a2

    SHA512

    ec93e12f7f92d887d33fd4152211999267df0d9439a865c20c7a535443ff8ce1fb1d35c33a7b07534a810adf0a5d4f5a903ba501151878bd460f8b71fbab58e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3f62b8394a2ca0388878a015fb9f6e1c

    SHA1

    e13b28217a1798c9e627111ddebb7ec6f102f9a5

    SHA256

    7aaf00ff0d2386358a4b5310b0cd6c245d8fad6e71f15fc44feab44221b80bdd

    SHA512

    6f3927449a25143b57e5ab6375e53c2d06a5bc9e9748e87ae6e8b6a0405db31fadbdc9aedcd5bc6adbd94c0d940f9ec96a9751dc37d424def3bf58402da43db5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    17a5b3da82fd1bfa15237bf9693137b8

    SHA1

    a214de754a4cf07420a9f0374b55026384bae105

    SHA256

    9a314685dd0a2be69914b3a4fdb67da24dcd68214b854a8e0215d66f63014933

    SHA512

    53662002b0d911017c52a576e8c663166387d12b49a432de0509bfc95bc95bf85afa17fe2d71179a3b392ae3d0fe2393837da8f9ea41523d890dd5f0e7a2aef3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c14786e4e7fbf814acf8a5aff7007fcc

    SHA1

    041ce782ae9e955ed5d4b2a3e8cf8294901f8096

    SHA256

    43c4f90dbb8a532504b7a16e90b82f4d782c253951e989a940270f1238146230

    SHA512

    0ebb2c28a0f79c6371fab5d9e9b796eda9fa14aeb980351cc7e08a743156bb4e8184c691f3285c357133d6308c11b67284ad74afab47adcbe007db6fd67e9308

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a829f6825d80a2bae596dc092565b69a

    SHA1

    12bab4adefcabc19863dfdcad9f059d553ea30d5

    SHA256

    8309a457d81a18a91494e27782af16e0cc9a8592a75dae1c56da7cdb4c6aa1da

    SHA512

    ef2539845be2ac8f9701ee5f2a9215d07e41a691204eeeaef8d75b47e9fe34d4c57f8a04b718c388867f5897d2fa16911c346c0008fa59bd3533911defafa75a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    a4d45fccf4e655653d9287615252198b

    SHA1

    47ff61b20143d820301bd28826347314dc823699

    SHA256

    d0bd782b275e6ddfc6cd2de3e66358495856770d5c5d6755fbfa06da37c1e338

    SHA512

    851848f9326cf8fb59c388eb924abd93567aa00e93c808bbdc2e043a29f0c692c542aee3c8b9f84d2bd7069108b6779a7721f3ce8e7cfd90f1075fa6773f1497

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0E1IWGZ4\PJVFXH9E.htm
    Filesize

    11KB

    MD5

    551eefb0f7f9d80da788732e28c043e0

    SHA1

    f1a364ffb92cea75428cb259577ade2ffbc81c11

    SHA256

    b31353849ae8adeb21ddcb9cc4813d1845662ca1d4009f42ea75dfc726ac81e2

    SHA512

    d63e2e11d348417f422365fa35f2ed87e131f4b4b9a80e40d8fe8a46ae5e2ff76f9d0a150ed59fbec6e14c288674ac713d60b65ba2419c5d3e5858e273088903

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0E1IWGZ4\top_events_bg[1].png
    Filesize

    68B

    MD5

    6237c604e84e0cad86ab956870f689ce

    SHA1

    171789f83c616b21faa2e9a2569321da0b93db03

    SHA256

    cb13920a0ff18e2d32816f31460e1d0739e3dbf660697473de9004676a77da60

    SHA512

    3899812c918e62ab523ad933a09ed8d857ed25a1d186f852104757b98aef18e0e7f6be37444ec76d01293c1327f80ff6b444e9cca76dc5079688ff64768eaf58

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6XUZ2JLF\find[1].htm
    Filesize

    166B

    MD5

    3ea1c8d079b38532a6e01a96216ba5e2

    SHA1

    598d3ff91d3e252f1e13df8cf0348b270ff2da3f

    SHA256

    87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691

    SHA512

    cb4f800a735d5ec435844ac114a81ee6c4a429138119b97f2266edb87cf729f1a64662190d04917ce955b0bd3681610d49be42cd6782989ecd4b0d87ddf8a03a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YW15VCHK\icon_adress[1].gif
    Filesize

    44B

    MD5

    dee4ea879767c619881f10e3c657428a

    SHA1

    1b33194f52803c8a6a20e66d0c1ae3da77f49bf0

    SHA256

    9c13335bb0adeeed0a99a291436c6681a7972c590009d3d4ad7778f57ef5c808

    SHA512

    75f8c3034a54c75548056629bc5bd92bb2912736506b50e37cb8af5a792008408231b6aded84025d00e11ff2952b9d59fcb0995b873e9bc8f18603026acb428d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC219.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC21B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit