Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d14bf397e2...8.html

windows7-x64

3

d14bf397e2...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 06:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d14bf397e2674eb2d8079fcbb43e2bdc_JaffaCakes118.html

  • Size

    10KB

  • MD5

    d14bf397e2674eb2d8079fcbb43e2bdc

  • SHA1

    7cbf7c5dafd5b49cfb899c75134d0fd995ac6fbe

  • SHA256

    397e69c272aa40f162a555567a40b0e26463f9dcc751772ac2fb00c7d54df29c

  • SHA512

    8bd859f595ec4225b066153c5443ea306fe7c651118c7fe47dff65d46d36e50c42002a11694ed558cb1be00da1121f12046c202e87f5d91f35b60aceee0ba95a

  • SSDEEP

    192:5w4lIoaNNHofBMD7MKmmm7mmmw5Zp93G0X+MD+kp+HB//PnNwWww2hA9mmmNMmm2:C4lI5NHSwmmm7mmmM+u29mmmNMmmmP

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d14bf397e2674eb2d8079fcbb43e2bdc_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2156
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2156 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2804

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    823fbc2b04b41f64581a80b799a7323f

    SHA1

    2dbd33d500de495a062f1294a551fb68494376a4

    SHA256

    6646692adcd9be03a83a5595244f17c4ee597b8cebd1a9c7db7acfe14a468eb1

    SHA512

    047fdb42d543cfa575b747632b3989e03c85688fca41cb3b9dbcc9ca75cb678cdbf4fef9098dbf3860168c5d7aa04ba40845c462e2c234739e1291ac6bfe0a80

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    23b967bf5a0f1baab448dedf7a8e0a44

    SHA1

    000049484852b23380c6212401acd87b5fb54c1a

    SHA256

    57b5b28f60ccaa57f6750b9a9670126b80242eb94ea10505eb0d9ae4e044d9e8

    SHA512

    0edf10f14796e893fd3215da16ddf837ae3f81d673a68f63bf6f34930f043c2f6b9aaff868123320725d1e38b0fdd98f3ea6643a8d528c1c1cdb39640f135547

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cd091c1355ddb6e8b66243dcd5417295

    SHA1

    f90aaee7468d314ccc5cc771f12b3afbd826cd1f

    SHA256

    d2e2282dc9923497f44dfe5326ff8b2bcbde8a0247d80d8094136bcd76103b58

    SHA512

    26d5bc64d03c60ba92381f0bfa44db1a4e4a56e6cf21c77e42e647a56024a7d81ca5dd4a6875861f19cdcc5440e286d64262b9e06603ba3d38d27c46b41ca0a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5dae4d754f1887a6e06b9b7e70d2c3b5

    SHA1

    025f88e7d48f867e45109e89803883a3555796cf

    SHA256

    cc0882fc6944d186053e89012fa74ee17b4718c256ef03e6e77920d560c43788

    SHA512

    ca4b2de02858281ccd7b6e27ecc5b3f3771e338a3f1d851d868e2e6a37c5cff6df20b3b0cc1ea93c2777a5a90115421ebf78e3e59cdf72d5dd18d72b101c8f08

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    46359669acf50d8aab6e654d794c3709

    SHA1

    a3dfee6155ea7019a496a35812d7732841f987a1

    SHA256

    ffdcd4df19992dde072883c49ebb20a4a1e347efc70bb618135f046bd10b1443

    SHA512

    aa91460abdab01c3dc4c8b93d12e9c19176a54cac9af4b8005df5f8af85f77c60c3ef89750032b0bc5d97a7e0c2296c8f370229c08d367316adbadac4d0423ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f0d08a63a5efd890e4fd73b1dbe0f61e

    SHA1

    5f25ffac30e104cb9944fdd7452374bc2118d5ef

    SHA256

    ada30328cb1eca530d217db7ae8b101eea432561d91d894b3044af8c532dbfd8

    SHA512

    cc7491ccb85e657bad42bc17ece8fedba5c08597271b12dc420d81d36d1189ff1fa731a0b50ceefe4e38b66b29899e881d4780a84fa352c492619706251ffc72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    00ef4c08ec3c7643e666535da42068d3

    SHA1

    812179732ea7ade623e715a0936eb369b8457392

    SHA256

    d288c6173aa21831b9c30a46d56841bb491782e6041e3bde1e13f9531d66b17f

    SHA512

    29367ac1d24dacc054d2b6b6d08b425937fd7e201ec165b105131496657ef0e7030326d09e58454c1eabe551153e1cb2ed3205fa8c05de19a1145a9402d83b8e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9961e88128a158fc7227b7bd163c9c8c

    SHA1

    703b56102177fde7396f8abda87fa0ccb57a4174

    SHA256

    d3726b0b91f15b0a4f6731ee4dfae431a2189bea2681970079f535234e0a93c9

    SHA512

    9e546be10daf768d0351fcd77ee6c427538ac6058a406ad8c21244f5d64373353cd4db7be0b7c56e337e879cbf217572f2e4098e976a4af7d2c7f920e022edd8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e90c418c860cdab7f143321ffc36402b

    SHA1

    66da91291fd826aac1edb3be564cf83d17c1f56d

    SHA256

    e8a3d3c089347297dce7e1b2cc12adc4d9c5bfbbf47b53265140c4cf2810ff01

    SHA512

    3afa03f70e72ab06488185dfd32b1c14628e60e3339f9dae3a1784c6758512ed924f9d88a004d644ce5afa1d16d16a3a297637ccc2acc6d3d396e9c037573df6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD240.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD58D.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit