Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d0eb428cc2...8.html

windows7-x64

3

d0eb428cc2...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 02:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d0eb428cc20d4288d6e9e1356e7e48c1_JaffaCakes118.html

  • Size

    6KB

  • MD5

    d0eb428cc20d4288d6e9e1356e7e48c1

  • SHA1

    3b9e6ba4c79ba288f40daa9db8228022bff0cfb2

  • SHA256

    227f0ae1c3b8c3e8dcc9df2f939b3f3be16c3e6f64ab7b0bbebefd647d57ef19

  • SHA512

    4dae3216d8ef977adf99e129c54ec98d838d12254924a94df8ddcf54c88c3de4fa865ccdf3a7509062a97e7bd2bb17eaebe58da4d364803f4b1cd9ee495c9159

  • SSDEEP

    96:uzVs+ux7NVLLY1k9o84d12ef7CSTU/Ph3cEZ7ru7f:csz7NVAYS/43b76f

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d0eb428cc20d4288d6e9e1356e7e48c1_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2168
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2168 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2428

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0ad2eb712b418909055c253870a5ccdb

    SHA1

    027ed2611d5237d1e1dd597a7c31f20a0aa65e89

    SHA256

    28c73a47ac4f30e88e381ecdee67e4d7c186d75e6fb4d517cfb7f238b3a35e42

    SHA512

    e12ac550d5cc5e8b52e5b8aeee8a02af4afd644342152c4dd2c23588d43c303123de5b60bde8e42c7d479506d14e7fded82b84b7633b2ce987878cf756559e09

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0e1bdaef3e7a909b10f27a164d7311bb

    SHA1

    f2cfb0fb75047ae30264bc8f683a5bbda0d1c3de

    SHA256

    ece121ab9c878955f2128cc05c9f670236946a482ad0ceb455a037d7ad98f0a9

    SHA512

    043c736785eb2a94ea4f5919e321a4f8eecfaa4e41d9b65ab3580928601c12313873daa97c6a1aaea17fdc6c758bb58e9054793e8ef3a97cd8e48613de19e843

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    895fc3144cf2e2d93ef8cdd61f7813f5

    SHA1

    3d0108e5d462820652dcb5979cec179b3d5aeb51

    SHA256

    9ab1b863d9b721243909d225036041fca363fdd2b945bfc09b60cb4fe3338fa5

    SHA512

    ad6146e789321490988e402167a3feca30d55713af8f0d5477e616d78df77f71aa73410f9b26528e63c524d21a170a9e956a1c13eae1d306ddf90f3df69f27cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3c7cfc35a9d6f8b7cb2cb9ceec04cbbb

    SHA1

    2df099bdeae3c4b1264d40d6b45edb56bbc80f51

    SHA256

    f9bdffe8035886fc2a4536513d28ba15dfb55987d8d7c029fb48f4ff41b06f9b

    SHA512

    9d5428e652c3dedfdab83f0f0394321c0f0b4cc37d95f34fd575869079f5c55c03888e425454f83a8b51f95b5c5448a3f7fba5e551b481c53a626acac18d39ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e6cae09727bd5099e30157523b68cb5a

    SHA1

    dbbe5df2ebc025d08d02df07ecf26e96ca8d107e

    SHA256

    b7406b5723400a2161b06592389b71d9e890480410ecd1bf0f76ca89a111f605

    SHA512

    4ba5ab7831d5d7f07c1e8b25e124cd8a114fcc282acf838d2a6ab645d3d86c95ffd8e7089ebb8b84e65ada75d256ead28c0316a426d378873f74cbb7fccdae52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ed151e76219fb4c33812c99548081ffd

    SHA1

    d140f0dae5302264a11a51890119433f8ac89923

    SHA256

    2dd9b7d1341ec7b6b72952cc853b5c5919cdaeee3caa72debdb84edcd81b8181

    SHA512

    56df99c9e4bb87106d5a8376e312793be5ac800d19233f1ebd1d56c69b44feec91d0ee21be70a124d80c70250722583ef84920c45a9c18e3ea6080e9fd492a19

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    00c09987eb6d9a93c02cdc755a11fa99

    SHA1

    2bccc593b8951826bda8c05e90c2346100a7b4e8

    SHA256

    09d3b35e55ad4cebf13df5ced40ab2c9288021389a8cb3908335465ce5d9bd43

    SHA512

    484a835ccc3355cade86d2dbad6a1857ff5ad3fb79930724986e1a276519888364e3413e304caa46d58e97da0240a42dca34a5d00287c9394fb25fd9072aa085

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    79b63fd1b2cc5e711f6eeb622f38fb16

    SHA1

    6677c448cd01cf2d5b04ebacaab742dede4120af

    SHA256

    4fa3c7709e457b09216395287771546c7e523069f8eb9b8e5a332371965e4eab

    SHA512

    33b72077f5fd12049e2dc053ecba72101a1e17e3edb0f99547cfed558cf60861b8694535a95399098127421738a3d7056059cbec0534295e2efa1a00a7e60405

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    346218c1ae932b6bd76c7e3ba2b79759

    SHA1

    df47a248e1f8d131507539516ed21b02f59f7116

    SHA256

    4c2ff11eb95efbb80fb7ac2907812cf8a3b8cf6a72fba11b7f42f6ddb87870cd

    SHA512

    525194c00bce5fe8fcb42c4e6e16806d555c8f5f01933d138dc52a473ed658bd2251e6a09f5ff7a6d513a46d6a985bd276093b01322e99cfd1c90526be1eff93

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c405a3cdb7075861dbd7bb089159f452

    SHA1

    2de942999cd2d5072c6e2a104de68a2e57b3d752

    SHA256

    a8f5da936ce32f9c47c249c773c9bf379b94d10bc1883514f028113ae80fc4e1

    SHA512

    b70ebd8033a4bfad5ccdccb3034f8efed9932b1d4d976fff2692b615025644ac57dbe93c35e53c80e73d6d2627f3a372979f27b5278ccdb9001792b76e7bb49d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b3811013c3cef140ad4d0c7db17eebfb

    SHA1

    2adc93e8700075cf23d423f301b8f1071a5c9500

    SHA256

    d1c33933d636c661142b98c64e381f20f94d97632cca725395da01ed7a58104c

    SHA512

    874d09a4a408d89b71cfe841c3112240c111650ce30f97ce48720cc382ecb39cf4a31f507e4f2a668455cb8490bcf294ca415e5b790ed3d0f4c4e5e304abb68d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    00e78065f01551fd659958706ff6e826

    SHA1

    9ffc8f854b558cbce4c4c5d7ff35337681f7ebb6

    SHA256

    411690e4b51c2b4ad83a6fb53fbb59707c7c74a285745884ba9543a107ae1a5c

    SHA512

    1c0867a6bd7d4752e085b8ee29168b23c1ad28a046a0a8c88d7554c41ad1e06dd6aa054b7c9149bd58ba84b7c123e7a8fdb519cc7aecfa74db4fe031c3c3ef24

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    00ac7fb149e858a96a3d854be6f0daa6

    SHA1

    509c384d2c23c12e2b361f3a03cec370e77b87f2

    SHA256

    8e725914f017b24262415d4a5157b5457b19b669e31d53cb4f11b5936ee9a2d0

    SHA512

    f6595725f175586d02f413fe680c549adc71e74ad972051f501b2fc817030ab6b88768d925b794589c2888da7fc5a728bedfa99144196a565e5786a0aa2765a6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD368.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD427.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit