Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d1611ad1c1...8.html

windows7-x64

3

d1611ad1c1...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 07:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d1611ad1c1cafa97b9b2222e778d0a23_JaffaCakes118.html

  • Size

    203KB

  • MD5

    d1611ad1c1cafa97b9b2222e778d0a23

  • SHA1

    795cfd2462e69473674380666706919b29c8d65d

  • SHA256

    f4cd2dab3dda99b34ab864291cd8d57ba45677ae5d92515235e66589be382bb3

  • SHA512

    e8b252ce97c638acc30542c602984d5727735795980dead1a2601258085dbc4fef2653879f14a3dcb388a850d2cde9199e08bebf11543855d11bcc64351420ed

  • SSDEEP

    6144:S+3BEyDvCCEgBdPW7nn1q1le0HkjJ61/s:fEyDvCCEgBdPW7nn1q1le0HkjJ6W

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d1611ad1c1cafa97b9b2222e778d0a23_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2728
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2728 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2608

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E39EC26C9674650589C7927EB524F7A5
    Filesize

    1KB

    MD5

    af1c77aecc8d77e9aacb0c475840c392

    SHA1

    00abefd055f9a9c784ffdeabd1dcdd8fed741436

    SHA256

    9d7c3f1aa6ad2b2ec0d5cf1e246f8d9ae6cbc9fd0755ad37bb974b1f2fb603f3

    SHA512

    c5d1dd8b4ee8a17a351bb0fa40cc020e9b3364c59d9006badecc61bd5ca0c2b9729eab50da166633e4b0360ab914c42aa74cca861640e0abe5514430bb0daeaa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3982fab9153030e243a4ff4922f24507

    SHA1

    7bd2353c7038942cda5511a02becfa1d11887a57

    SHA256

    286373b213db7b8d9e32643d822824cfe69bf0fefc3ff551f48296cbdd51e129

    SHA512

    3b1ac8d4ff111d16860f130252f28684c946f3395cce586213ecb3b731c3b9e544347377d4e5583d13bc0a8fba58c4dc69fac337980347c64161a023b24cd32d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cf9c2ef0ddd6d2bab553c4ab55d9ce7d

    SHA1

    8522d6d1ae8f996f58c037b49919bfe1315e9837

    SHA256

    4c6b9e8682a9e555353c37565ade2ac2b28b9655e6e28b014bad02f68d32ea38

    SHA512

    22beb7d22884bdfb1ddee9e153e208408c658d9e8f3ceab2445f24883893ddafeae5382efb1af89602bfa83e733ea99f400d7afe432d0344ddd50b00a2fb210f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f0047e859efa1bfa686d38234fe1d7bc

    SHA1

    32521eda0215d32f6561e0ddc9c635f4fa15c23f

    SHA256

    5ddeca043878517750b89ea3b0027401a00231f46faa27b2e4b1a994c84887dc

    SHA512

    79a356c625040a55d31bc060f2a7eb617ce587d1b52f58a3a61fef31868b35dba70b6be061ef31b786f037975a5b76eddcc9bf5e13f46dc2dc3d8e6c52977f87

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ef87932b6e1b38692d68fbc32f4a310b

    SHA1

    40fc5e76c61366a265694cb7751f26af9ba18266

    SHA256

    6487da6e239891e0406eb250ee448e960a25c019c07358416a05d5e89293a216

    SHA512

    cf04dbe36674b3f1d4d4fb7e22d350650360b131653d281dc89fec9121648afc860b65540d0b353b0a9d0a133dd39b2ffc467847cddab5f4314b78c80dfa8d76

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5288341ac3f5c5b71cfbdf6f6deccb2a

    SHA1

    c5ab9e64712f5a1c52d0442ec34a90b534b2bf67

    SHA256

    f69a7d8290bc04888240a7d277e92fd5787181484e74fb5ff87dca3e4fd53037

    SHA512

    c89b1e5b601a813ca70fdfd8009aad6bbedd320326ea7119c85e03ec426f742a255d52a46a860b5dee0b6607f7020382908aee40e1573cd9e24c20bea12b0de1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f93417b0d512c567ef9e8a467f17cb1e

    SHA1

    57e688f747baedcafbdef7c6d6d74655e38a1b4c

    SHA256

    c777d561e8fb0f7616495072b8fdcfe707c0bf069d1ca6d3a3f8c9f205e1f607

    SHA512

    d4239b6e2f39d779a441e82fa8ecdbac81ea1b19727584e9ff50bca92c10a7a7715bb090e9cd681098c286160439392617e46d129cf5040e820f4d6d8e567cee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    51a3fd33cf1a2df4a1a5b9ff7b255580

    SHA1

    1928c12a3df9084d8c0d3aafe3a63d118b2c82d3

    SHA256

    22afbb678efad3edff3ca33ad7a81edf4d5d477bdf4e727ea8c2f4d15761dca3

    SHA512

    6ef7608e67ae6223218a423e622d8018141c0ca90701515abf765b98e85f6f5f9a7247a39a36d2640a1ea7b6a001266da24cfa6e70b29d62697f6483f662615a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    00aaf508ab4e2d6aee52d77a0d158b6e

    SHA1

    aa92a76b39238e9a9f27be4a60e2de94a7c69ef6

    SHA256

    c074edc005f0f1f91ae3bb5eb38fe55a0cf57095c59e8b008a6ecca89ebccc41

    SHA512

    ec33394d4cf658f2e70761de10502f6157d989fb53aa0a1d73d008230fd4410bddc74943cb0261cf67023a37bbe4310f6b21e7cfcf33ff30f2c900ebfcd4210f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab85D5.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8E12.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit