Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d0ff134c3b...8.html

windows7-x64

3

d0ff134c3b...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 03:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d0ff134c3bb7f819a6e6d0ce830590cf_JaffaCakes118.html

  • Size

    30KB

  • MD5

    d0ff134c3bb7f819a6e6d0ce830590cf

  • SHA1

    183311f2073f7c28464235700f5ef271d2b2f564

  • SHA256

    95c04341f4218691754d36d7b3326b6a87df94db90efff9181d2d71bf117a268

  • SHA512

    29086ba4909ce9b2050ab17decefb41c0f252ca6dbab35d37e94ecea1e36210c68b73b03f2a7f05082d4ef8349be6e3548abe9038713731911ff1a052c2ca2f2

  • SSDEEP

    192:uWTbb5nhGvfnQjxn5Q/ZnQieENnsnQOkEntn7nQTbns8nQEXCbAv9EbkcwqHAJ50:dQ/Fivm57HQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d0ff134c3bb7f819a6e6d0ce830590cf_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2812
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2812 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2080

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    37cfdbb8763ac13c861a0b1e71588ec5

    SHA1

    44c7698df660fd234fceba6f15f6ac0c324cd9a6

    SHA256

    3ae94d29bf2e2478b0e962aa1176cb9707c1c16932ec8a76b04847f783e8daf6

    SHA512

    b64b8aae22507055d354fa8f1860462ea08a29448518a5bef64b437b14216d06ed019c74b4094d6be1f74cc9ebb04fb00778b917634b6987f1521220c86e6027

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fadb16a9f68d14c70f37120d2d5942ef

    SHA1

    8bc726f9781e0300150b1bb897c5484f4be4c498

    SHA256

    0c116aa241dae965f09cb31fa111852aa206f25625380a0a5ac86aca94ea38c8

    SHA512

    93a7175033c1df1050e61f243e426858fee8b08c20b131674fe1df394ec3f9cc24bf393ebd40dc25a928942a7c5cf5300369c658f321769b82c704b8418c6d35

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a51eb36d1c41774616e26f8faf46086e

    SHA1

    07b395a9a46c4a1251a2e06e02b6121d7dc1b522

    SHA256

    78af4bc69924e6ec84d91c3dcd41dad5bfc4021883817f65a0e0de63923c3c6f

    SHA512

    b010cf2f902a4e0a18d9c99fb66ec241c5866bbe00df2216b6c8654f51654d600b4ba95c8b5e228d4e15d528a89a8b7dfafe4f3291da7cae521caf3aef613bb8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d986e88f41a5033bd36a14558dd32e91

    SHA1

    ab8bb0ea94ec9ea9bdbd3fae49a20f2e09cd2886

    SHA256

    92c620f0e42b3bb6405e2de8ba36276cb82ea95ba06803fb898802adcab0e834

    SHA512

    a126f0cd72aca62c5fb2cc10225d0906c65075d8f63edb288002c34d600b0b9a654813e79e4f2f3c0bfdc7e5008a59f247b8c213e4afabfb0457f22225706b8f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    669c4556feda8f5378a8030ddff47e50

    SHA1

    0c11b6d4b4de1c53b960fe5330d51726a028218f

    SHA256

    c92afec093752172c5710ff05ac366c4c7b6b6b536e1f8423cd6fa0086f20791

    SHA512

    dac5826e381d7ea3eb062c09a294276652a7757e28c9e41e9b7c7c6fc9d9653b057c5e2811454b43057d528867c97cc6d48e330cbc8b2fe44b086fc26a9412a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c6e6fdda871af1285111ce43180eb2e9

    SHA1

    77e1846b956528f226ab71c8766a00796d68b79a

    SHA256

    dd971ea74258bb9dfb867b267781a39fd4d40ccf26d830865bfdbe5b02c3e6a8

    SHA512

    f68416cd4905a672924489547af7c780c64d92469e84fd53f89eaebee86e06f20c0a81c30f48cd23874f945d43fc646b7a5cd2f05caab255648f267e9ec67ea1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7d6c40fc388837c92050d174d38564af

    SHA1

    e2b3a6a59ab633a6d62e5ca120465c3ac98b8a78

    SHA256

    920a54c13d039f1360ab5ffc96fa7fb416b61a2ac3b1b222f1c93d4f35ff921f

    SHA512

    314e3e2e27e3bbafc66dca6aa96129299c20c2a287b6f0594efa199a4f0b9effa95cc4a30e026417a6a3fb085e836f8caada71e62bdc885737697320a0b557c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f7c3102ab3ddfbd0e6ce464a1f89a959

    SHA1

    d4bfd5dc8f4e689b5e0b8f1651ec77ac16a9b526

    SHA256

    9ad0e1e173379c239d2921dadec578a2de0f36dff9c9a04f6762eda08234e2b0

    SHA512

    31af228fd80cd3a28b3cae4fcb9038c08a84e965a932d62db73acd16f65f832cd1072c8a5497f87bc6261bb8c62d2b95205264c0449a0ea53c7d8378b8cd29b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d2938bb21f13b7f78e08bc2a78edbed3

    SHA1

    c53d0f4d70c55e8df3eece4975a420e4d33b66d8

    SHA256

    8a7804297c8235ece9f38dbe4d1ca1d756f9f94769fa2d50318c9f0c9df6a231

    SHA512

    27ee8966fbc7f9c9c82b55b717f21017c439874b4fe44890c7dd5271db4589738875e3c4c4ba5c6195b7f58e72adf909bfcfd742504a154a5f0d4b42cbbc7964

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b4b7f734c73ed019ca0ed7a6ecab918b

    SHA1

    d4316ce9213b60db1957f772332f9b783568f719

    SHA256

    ff2673a397c55b2ecdeb456fc2c9942e50862b46d698f3dcb82640b1bd6372bd

    SHA512

    2c779e696a4514ff05c2db18790d63f0398fcce17c293e3d23b623b79a5b182b2b3ab8abf8441a2cc407179fbd1b9d767ceac337bf749c8c80118fe6e69167f1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1C59.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar23EB.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit