Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d2def6e36e...8.html

windows7-x64

3

d2def6e36e...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 21:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d2def6e36ecf585789d0eaa88a222c91_JaffaCakes118.html

  • Size

    244KB

  • MD5

    d2def6e36ecf585789d0eaa88a222c91

  • SHA1

    7710fffe247393e321f96951419b1b06bab61be4

  • SHA256

    136948e59edc04508f88ef1f1bb495b39971d3b648be1a3740e40b3620c05afe

  • SHA512

    adc331a512881f87bb31bd5e888deb766f1c3d32972a8df3f5dc64188975f156053bd2aa5d5bf731e6d3a2c0d54c954d900712d2e76183b5677128a5546b5a61

  • SSDEEP

    1536:hdYkmfzp5cOPL2BotJzI3kLjT8Gk6lzqWICVAJidLAaRzf7VMZnFVHadERGFIwEv:hdYuye+E+GpQWTOpZOhsBBK2KKVBTja

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d2def6e36ecf585789d0eaa88a222c91_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2204
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2204 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3008

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    871bbc8ac930d3d1429b589f77f7f379

    SHA1

    217fc106c858bd2dfe3f733831659d597bdd6887

    SHA256

    865b8565fa712e6ef02b382146d627b09cc35ce893e966aa0b05894a685c53d8

    SHA512

    70c67fd95c9112eabfa0a06a68d1d85491fcbd8d5f9c959919cbb49bad70fbaabc6a1ab72cde540f46f049eb0a0ac08ac6342d8f0953a4609249aba8ca503833

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f275cebc698e633cff02f2dc72e6e845

    SHA1

    51de32e034145e7c0ffb60d7af20261adb08bc46

    SHA256

    c6c2ab580ff914175c9c98e3912d032a2cf87134febbcd9d585d3ad512db4126

    SHA512

    11fbebe68dd4d0319fe14096fed82b8c38a45dc9a24a088bf2b48de56ef50bf96d522365ea03e69c0d780f054a71f2ec7aa786e191d33a9a3b23b8bd30d71977

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    335ab232683bf161a7384240aa6f100e

    SHA1

    d5ae47d7b2720a83f201d278cc529854d495981c

    SHA256

    8bf01b793802437f5e4688d0df4891d3ed38f1806b251d27020abef0d8eef097

    SHA512

    fa1075fb8c5d21b72a903e304b3d4f3a8f37e07bdd01d1415a68543694c88cd8d8306aa46c569ec4a75afcc2af6c99aa4499c5d64d4d88d2029994d344f1351b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    922e8fd7e490529aae92fa91c123e86e

    SHA1

    cf3e7dcd0681c60780c239e0c436ee7ba630c842

    SHA256

    9485e9c39f7960ff85a74948accec474fbebd6b8ef446b9646fc8d2795c7a9aa

    SHA512

    fc173117af3ea3b1ce2cf8d48732cd4aeff28047004ed133a1a6740f1541b100ed1fd9019140599cd5d7b704c37425b271270a45727a7abf51cda48172b952be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    38b4d5e3d0880cceb74ee9d367b62182

    SHA1

    3f1db76964e2bff5e06e0e5f54e21021c9ee0c77

    SHA256

    8c471b47549d96f707c453a7b86b34e2173db1bdfdb5b3df07d59833efb9c00b

    SHA512

    6489fdbbdeb4dcadb35e9db483239f2098412f5046c532c9d625dfd992a57ec32fda2bedc33de6ea5f69178caabb6bf98971e13dfa7b0eb74397cd3b9c4ed0a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0c89dc658c67f71c0e08810aa49f5f1c

    SHA1

    8b91e04b3c8e10ff9549ec78b4c7487cf6c65c03

    SHA256

    54a70545fb3493c5ada025d3331a4ecfa25d15accace6cf50bc582b76db9f6c3

    SHA512

    d579143f8ac62a3d672674c6b93469ccef96712bd52f75a04a57e649e375da7b3ef4e6f41c97581dca6978adb9c8bb0c378904e8a8b5f9f1f7df8dfc63e1a891

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    11df5e14fb9de822716ef5b80b3c3c21

    SHA1

    868a615a9d893f8d5b61429bcc73af5a567e4be5

    SHA256

    1032153eb06eb3d7132a69d10521ceebb1021b7bcbc26a71d4dd46124cd9a60f

    SHA512

    e3c6377ba09e98922e1dc2119f88d8bc4eb8cb0966c84592d27be39ac0b7da8609f737fb4c86663874e600eb4683e93f69659ec8dbead9337938be0733468ab5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    10432d240e73da8a3a5c4fd1b72ee9bd

    SHA1

    98ee387a607037acf76d65fe61cdf808921f1504

    SHA256

    b6e8f39475b948890ab204d86a53e7b774823ed0572d18549048472c01fe0020

    SHA512

    8e2874bbe98f02006a8c792a834d14d8067911e47291a0fb41d7bc5daa116db3c2ff2c1c7c164a6c30a6dd49942e8251d6a74afb895b3d6cd031de6e0801a95f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e8cee0a40d911dbed527e7a300254f9

    SHA1

    df588a192a9233a5c8077c92837895b94311f8da

    SHA256

    162d98d4aaac4fba7ad7eccc752b052be679a1cad886fb23c7781a256fba870e

    SHA512

    aa2540469abb50789f94d133827fd8ec7d4cbb13dbfbe5156b7a2744097db522dbf27507a4d7eb943f0bc15f7c02f1051b505ae0079825ddc9d16bef4bebf0cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9UR26M8S\b[5].htm
    Filesize

    178B

    MD5

    cd2e0e43980a00fb6a2742d3afd803b8

    SHA1

    81ffbd1712afe8cdf138b570c0fc9934742c33c1

    SHA256

    bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

    SHA512

    0344c6b2757d4d787ed4a31ec7043c9dc9bf57017e451f60cecb9ad8f5febf64acf2a6c996346ae4b23297623ebf747954410aee27ee3c2f3c6ccd15a15d0f2d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC3CC.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC3CF.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit