Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

cecfb98bea...8.html

windows7-x64

3

cecfb98bea...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    142s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    06/09/2024, 05:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cecfb98bea011d58bf20290c8dbe95d8_JaffaCakes118.html

  • Size

    120KB

  • MD5

    cecfb98bea011d58bf20290c8dbe95d8

  • SHA1

    f53fe4e79baa79f83ff2eccbe340085f104c8e5b

  • SHA256

    b4176a10db59aeb709b92dae63a193598d968c17291297854aae44895a73f9a3

  • SHA512

    e2fc5c64d98ed4da5533cb296d41cf294008d8e8ce08363ec6c83093e21f499495b42fb7f0d798de9f0d807cb25c3a30b9a25721f08311e9a83d52372d84d056

  • SSDEEP

    1536:pbMjw2fMk1D3O9Pj2fcnjqHAIsfLAcaVnzcZf2SEip:sLpiLgzK

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\cecfb98bea011d58bf20290c8dbe95d8_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2368
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2368 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2172

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    12be5ce6de853c29c4d67d277fe7afe9

    SHA1

    a4d607d81fed0fae2f57f23f011e690896d54e4a

    SHA256

    909816c129ea4b227362036efce046e395f47c2a0dfb73fc1abd187c0a2a1ff4

    SHA512

    3155f80f0168748ae485f5220017079342bd534cbe27fcb9032eae6d211f6d6726bfabe6d6f72e88702dd3f6387951a002c7348db50965b179422595d2bad437

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e0b2e8884c3a7986edc0317e8f7e1e83

    SHA1

    af0670fb94c32cb3284bd704c3061929e050215f

    SHA256

    5fb2e9166d710ff4cc6ff62057f9234a0aa060280d3e7df73513ae4405e9da7b

    SHA512

    a24b3c7ef936cb14987b6ec0f40bc3191200e88cf11be38e55630d0fa96a56e0b0dffe7e5282e5fd18f5e21f0bc88d9f33439a18da9eff972a1d9ea40c805c16

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5f2a825f2707ccd5bed92f218b32a15a

    SHA1

    0b23d5b9adf4effc7752ec93798c6ca89af46784

    SHA256

    bb507bdc7c4627c53cbbd9355511f92233e893c075ca15364a53010de1fe4ea3

    SHA512

    868318f93cacedd2e478e3dcffcd1bc2c8a43098cf71fb19e919e4eefb8347339efd01ba01e91327e35bc03deab90f0f6d340b1404a08209a937b33b79376b52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5041e151f35bdf3efe5dea191e1bc1fc

    SHA1

    6e12370894975694465b6dbd38ef92ff10243544

    SHA256

    89ccd2f4ba9d4e8807e9c9f78a8dd14d3f1d146d9db987f746673673212a70ae

    SHA512

    54f4bed193387ba21954a163f90b3d5bdc042c0ea1a2b1b0caf1038c227038f1147e7e5640eea9f6a880a5132b85ac7eae4929594404ca1e4261e9469c29ed43

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d0435909c31d4c14ef9cc3c773eaa579

    SHA1

    37fead89a53ecfc29be250aa82cee96d3b443f15

    SHA256

    3abc7ad94f380c1b735f776a074da9f36eebcc8ca0d0b9bce16b9d16a6dbf03b

    SHA512

    2a4efe8781cc48854b9589d2d148312f4e86f27457cb6a30d6d512c03654bc181da64d5f50991594e7ba47707ca304eaf5302fe3aa13212429157a31141d433e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    441acdfc6737309505bc1d8252a5a9f1

    SHA1

    08670c9383f1a90d2fbebbcadeb827f427fa50c7

    SHA256

    7793ec5dba5567776a003f80916884a70e41b525790673705c6683123a0d71c6

    SHA512

    b874691ba57ca8158a68b77d50129546292f55dc04cd1c4b6f675ddf2fe155d3c8e42586fe6b1f651f84d11495d6c7dd153aba5b32896ffaadc0adb591b2ec65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c46ba4cc61ea6f3f9a206eb80eea4489

    SHA1

    a982e4f3ea096e88b5c1fb6a8b348f37026a4a65

    SHA256

    3d5cc9456198b2effd458e787014e6bf0aa8a71578e8f6303c6b295e9ea70eb8

    SHA512

    86827e6b1c5256a58c0d945c1fadf932d71d6d0e711136decf7c116609acd0ae8ef1bcedc11df9b917781bf2afd298d2f00a26d9dc463e73f9048560ec149990

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1b6a92bcba8a997370addf4de02b7924

    SHA1

    e8f084911210b22969b8ba65bad66c65966f7b77

    SHA256

    4f240373689dbf4e393e4ca216a3b66ab553ee71252b59bb6f28ce5c1f65679a

    SHA512

    1f07d1eea864d72d2a4fa5f538c42c47fb7579cf4e0eb003fb075206f61d7b7f3f4040a07d48f1e8d1a677053f245a03040a52e1a64fe31195b83dc37b2f0137

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ae1a4e265fcf2067d839de96df233403

    SHA1

    d139d16c3a7a1b9312d3ba7a136cf1cb55a5eccc

    SHA256

    8d99e475f236bac6348c4e4a369f842dd7981ccf4509181508c0dd138d4ccaac

    SHA512

    cb71e850c0245412a2af26f29db0b9ddbf59741f2747a811a5ae57bef576a0eb1add5a58b02642e391f25ffbf9b6b0dff512b6644c055fb0f3c4396656bb7715

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bc6cdeca139bb99647533cb39784750c

    SHA1

    d118e175a3e3b37071668440eb4bbe42982aa3cb

    SHA256

    928cc53241b4a4f3b0d12fdb64bda85d2f3a3941201da17dc5cc417d696fab79

    SHA512

    1e5d64f44295592fae2dcaac4637c54d86a65622e8d64b17b8fd0095bbd0ca09d3485fd85a36a969aafe6d690f3e5b76dbe2566d73067fff6cbb1bfd43f5519e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e058bca372f07d8a2482677ede27cddf

    SHA1

    597954b1c2dd9780e7f9a60ad0c3d986c570a5d2

    SHA256

    967d40f847a56010a2dfbbc7a2e4871cd25bd56688dc12b7b8f0e1d1dc7bf9e4

    SHA512

    1e4b1140f35d4d80356c5824c06491a0d64946bdfc8c8a48f5735fdd13814b988bbae3eeee37a0e66a239ef4e28ab1e645c08e57daba7b518fcda42f231b4f28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b86d66b796120126548735b260ec8254

    SHA1

    4f693cb63c5122e67e28abe3e47af2cc9e85f287

    SHA256

    c96593217cfdfa7b2b74c86e2dca01ff699305151f12394befc20b881bd36d16

    SHA512

    cd533c84034c8c2c19c0a6870ac4f1807e98d3e0b1a6d852c89b6d54afb61675a8aef01213e2bddceacaa99905fdfcf5538062fe182b0690fcc2dfabb0cf2c35

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e472c16473d928032f0a8ae5ae43c9b5

    SHA1

    d5ccc0ec89d022da06fc89a3e0da2cf73c175e43

    SHA256

    063eef0a9aa3cd8f1e1d1ecbad9db9ee75a3dcb186b01fb823e40c3d2e178643

    SHA512

    40490572d41e5375ea69021bc497404ff17be7a2af94ff989d89d1fced526c7bf865cf2995cbe9e1ff64bf29d36f94a7e108a238f0294e5e8d6aa4c1f825fe40

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    44a19371e21f6c8542a8bb2f97d35652

    SHA1

    fa0fc65f0a163a9495a6a507dd70358a6f079acc

    SHA256

    3568299e45932b2aef1d90f011d5056ecb5c25213b5893ce0b6d0d95f24ebaa4

    SHA512

    04b0261720b124dbdaed93d448c2b73dad92223d74bbfecb47d954f6429644831b4186255563b9e11cdeb1967d86a240a520c1dfb9bbdb83454c20a1960ad9b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3d7b0f518725fdace3e70eb3c31edc24

    SHA1

    d483a2dc8ccce7cdf2f71bcecf4a33e48a3b1e4a

    SHA256

    b0f0c4e704ff55c90b99a7eac02a4084143cab7c78a2cd25991393b3ea6c66fe

    SHA512

    ee141c4ca9d6993c96fbf121a6aa2c78c46f3ec67da41c897fc16e185ccc6bc0639792e6904ee78d767177ff5e9ee30ade1694969b9f0210a195acfedeac3369

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a491ea6403f5c0b41ee0cd25d3480f34

    SHA1

    306dd0170e63a485237e564262a1d65d0deb9429

    SHA256

    04742bab877c5658f1eb35863c5063c78df2c4a63f0bc55d88d59d8a28d0df4e

    SHA512

    a67caa08bd127947f5b82c8c91c2e399454101b51acdbe53b9c6c9cd1f28b6f9c3c34874ee95615b1515f539ed18a31d7a91249d3faaf07500da99176b7dc2f8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE0A1.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE130.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit