Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d13fb1dbc4...8.html

windows7-x64

3

d13fb1dbc4...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 06:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d13fb1dbc4d4549117276f0cd82f8d07_JaffaCakes118.html

  • Size

    150KB

  • MD5

    d13fb1dbc4d4549117276f0cd82f8d07

  • SHA1

    ef89b1f4af19ed4573dc896fb9a49a6f9f9dc430

  • SHA256

    03ae6f2bee4edfe8a9bbc9f75e66579627cf37432c6c3878507d7e29320ca404

  • SHA512

    d7ff50fa0ac25ea0ac173b6a4b98b27865bd6cb164678ad76233deb448ae136751579ea2be125d41fca6a0ea5d16e45d21283b655ab7a9ff35e68836f55595bf

  • SSDEEP

    3072:BOxXK2JgMk7nO5XwybngwrNKuXXVGwHfpQlfSDs/8DGUqvzV26ldw3IawSEKNJGj:0x6K95XwybngwrNKuXXVGwHfpQlfSDsl

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d13fb1dbc4d4549117276f0cd82f8d07_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2864
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2864 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2324

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199
    Filesize

    854B

    MD5

    e935bc5762068caf3e24a2683b1b8a88

    SHA1

    82b70eb774c0756837fe8d7acbfeec05ecbf5463

    SHA256

    a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d

    SHA512

    bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    23b47f8284f2429a255898985806ea81

    SHA1

    3a839cd58c70540cf7c1473dafd044ab089ab54c

    SHA256

    9f94faf3b9c99edd5a6a1bdd64d96410b9c125fc1d384a47d80ea8b02bf09b8f

    SHA512

    70d4bee1d12812addecc226c4aa95dca7d8b173a4e2f671257707c767d4ac099dd2b8bfe68f01da227628a9a2a6401881ccc81d3fdf191d538787f5675caf6a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DDE8B1B7E253A9758EC380BD648952AF_5F8ABD199E1CF2EB9B30F8FD50D3DB0D
    Filesize

    472B

    MD5

    07c8b2d1dd992e83e7e33674c3dcdf5c

    SHA1

    361f94b02be8253342da98b8aded1fc55e0a314f

    SHA256

    294d907e947b9a64a7713906bc9494581ed9bd8c26a7417effa9ff65a568e9ea

    SHA512

    d50eb87242a14a43d3888e9a12d7637645627098c4670309709fc620152b85d32b0a7723a232e7a0086a1b67c362749246fd85e20276a7eda2d4760987cfe4d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DDE8B1B7E253A9758EC380BD648952AF_F968CA97A68F4E6D5C104EC7FE3DFDEA
    Filesize

    471B

    MD5

    7e39ff496edfe3dfdb85dcd49da2a777

    SHA1

    32e828e1df87c0e0626525ea6614cb5cde671069

    SHA256

    5b443aa82793c5f4ce5ff89a5547b54a2a49d7d7babc473b8f0e6ba224c6d21c

    SHA512

    38b427b15103458361af67d3c2b4098d65cdb5272e52ead50f6a8dca319b05aa7c8cca2ddbbe10820caf2c55d9f9fe99a62d38fe38e9acbcabef857c74e338c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\05DDC6AA91765AACACDB0A5F96DF8199
    Filesize

    170B

    MD5

    7535064e60b92cb3e66b88fc58b487c0

    SHA1

    0d2d400b5a7f2082fb58323bbb853e384d11ff0b

    SHA256

    8ef7eeabfd9cccc7898ee2d9a3bdda6d91c0de5410197540f3a09e3083c84cb7

    SHA512

    c046671f42d14287067dc36caee99f261b3de9dcf0e24d509e6dea53ec74950a9e6be3e549470c456df921ab182ccb2a95a23b1241b771c08e5f840a1d2da6b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8d4c44c1d53b3f67092887f2895affd0

    SHA1

    355d0fed5ec062ad8ded8d139fa57d8a1b536cae

    SHA256

    24ffcdca84c00aace34696db989ac4ce09aa58a288d425d2960fdaa99d199771

    SHA512

    b0e02f882cdf822de3db6fbfda2f5d88323180c84ffa6413f7ddb9238a9c9b1e193e196e27d1795412689aff98e3db40b11b4e3644624c2c873709ea6ebae889

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    506763dc57d8a8919586fdaff136d4cd

    SHA1

    7bb729c80480c2b6ecb9dffd6541b52f2cd5e0e7

    SHA256

    c4865723de298b0157971686f664357d2fda1cb382192398ae94fac83aae402d

    SHA512

    044a593152c287358cba7965e289b5372588d7bcc4043c33a7840954a8135a225ef42390355062aa2b91bb4d3fbc7276581040f975bb5e2d358540e98309f69f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c32aab67324c41c967d2592cdb744e41

    SHA1

    94aad35e47e321490a613367f623af4a643cca10

    SHA256

    a915058032b2f92346aac1b98cbb7caa16a66e5cf719e7df1bcb8bd102d66b4c

    SHA512

    1f22783673bcc3874ba8c45b56c5b6bfecf45ecab8c53f23e6562b7c6e15022ab31abf5fd1ae20ed127258a4bc39035b99e9793ab5f92ea4959f5a8808b6b0a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a96ea7c6390c33398a22eb1400c4403

    SHA1

    1a63e3b6325afee2077bd9b9f411087c5cc7be57

    SHA256

    a0ad9db4b36c48691d61c83230d4e1f385f29ce2722f78277fbf8242afd9a7dd

    SHA512

    d74f0593539344ab905a419a760b3ece57a818893422f21262338941476c818b46037acb37a5761dda0f5f19231ff797e1cce35cb295be78a5d19814eac70186

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DDE8B1B7E253A9758EC380BD648952AF_5F8ABD199E1CF2EB9B30F8FD50D3DB0D
    Filesize

    402B

    MD5

    1e04953b8afa12faed8166dfb025eb93

    SHA1

    89bbad6b21589b40c9f9d947cebd5a1fb87308c9

    SHA256

    74066498ee611cb9c1aa408e2220008a986c8e06c497f018e9c01d9db274c7bf

    SHA512

    6c43222631b57dd55b0f81d453ec22d464300673b6e8a4d8f4d025445c1ee6c09161eb8e28237ec2e11c9de45b583fd3af26d5b9bbcc3ac7cce0f45500dd82dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DDE8B1B7E253A9758EC380BD648952AF_5F8ABD199E1CF2EB9B30F8FD50D3DB0D
    Filesize

    402B

    MD5

    561a552ad334760cf179a31dd66488cb

    SHA1

    06533ed2ba2d18e0f3d9da87e17dd472c392153b

    SHA256

    118057f9118bb2de42695c58ad5d33a2c8988eb9007f83269f31180314638ecf

    SHA512

    e2a4ffe37fc3cf4bfa86cfbf0f505e563c91b3cb082da579e1661d232897a64ce34c9dbac520808d6b3e62e36f4c52317cf4d7505665583f3c96e2b719a53d98

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DDE8B1B7E253A9758EC380BD648952AF_F968CA97A68F4E6D5C104EC7FE3DFDEA
    Filesize

    402B

    MD5

    82ed87895c33ed17e0be760442554ef0

    SHA1

    e73600d2372b276a39d56240a26e69ec6938b546

    SHA256

    e381d9919c4a8255123df06431e63de1600371354ce875b2288a633632760db5

    SHA512

    9f70edde78b290ee7b1ee5e4b71827f1f3efe48625418e8c5bfa097ff35d7797d07b5bd6f22910031af527de69d6bfbe4c20d42dbfb2d6af6627296f4218c358

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2000.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2003.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit