Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d174f09897...8.html

windows7-x64

3

d174f09897...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    148s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 08:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d174f09897466e04af86303c67234a06_JaffaCakes118.html

  • Size

    218KB

  • MD5

    d174f09897466e04af86303c67234a06

  • SHA1

    16add5fe894e8120c2d29ce84f2d39616cd7230b

  • SHA256

    e36b312780b7623457f1e72eb493e962f4eedee234d968df79b6e79068039cc9

  • SHA512

    7f5a7a93fe7ca4332dbd499df6ab8ccb708cb0718e852d365f5c65cf3332fc29fb847699dbde0f211aed7f230dd19410476c922e9b38c056783527cfa022fd56

  • SSDEEP

    3072:S5JNnHygm8ALgyfkMY+BES09JXAnyrZalI+YQ:S53nSgfALdsMYod+X3oI+YQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d174f09897466e04af86303c67234a06_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2340
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2340 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2152

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    363e7b1f5c149a2c798a5deddf792288

    SHA1

    3c9cbdbd5198187e360126913d8af4d52b208557

    SHA256

    851f54e9a6f876b9a9b3bf90fcb43860f1140862e61895a0f5a53f0951a2dc30

    SHA512

    e3ff7fc93a44995c370260461dc7f92185aec8cef319c02bba54394bb4b68bd36a05dafcb04620267b5abc285b1f6ada02fc9c70154740a3cb11e83687d8044d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    58b64fdd68f0173c85e872241bbc8a7e

    SHA1

    b50865391bcacf9666ba48613c9ddea1f11b8ce9

    SHA256

    033238bbc97c3e3bbde33b927d5c995d9236ab11b6c004b1070b9446e54cc666

    SHA512

    82da83b031344738ec0e2d50a712164ed78b5bdf08b8c4edf0818021ad4b9bf689ca066c7d85c3c41c7e8c2c6c01dc00d76820242e9e998d1889e7d9a810401a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa25ea4ce04ccbdf742121143f3be9ed

    SHA1

    429f032ec7604129ef5b8c79918f8ccdea279479

    SHA256

    d37b6556df06c841e60c292568c7c10c40c27c3ed1e93c83be0afa9ae539a5d0

    SHA512

    5b547449f8d60584f9e21801b0a7fee5aedb047ae9c9dc1a23dc6d476970a448722db617a1ab5928451abefc3228700c85f356e90be4c779d1b13f9c36bd7062

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    72f19eec68e7a87f0a58d96240660213

    SHA1

    96193c87e3016744ef5357a88eb262266b53831f

    SHA256

    eff98a3b9e5e44e4798178bffe92cbf646aa399e4abc9e9694f7ad7403ff4f5b

    SHA512

    395f5e4e21678b50b6866f33a973690674e8a9cb40aa78259e9920027dcb0b8a22566a9518ebc72110dc11b307eeb103d28e244521a7c000a8c35a5152fda5d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    75d6179455b9da430ab24322f0476430

    SHA1

    d62002233ff11762742c318a77d9659e19b89109

    SHA256

    e0985ac598dcc4e27352d63cafc34338f6b4ccfe64c4356491e046a598554d9b

    SHA512

    1ce0007832076da8dccfaf03677f698b812dc6ba2c6433e8e81d881ae7f14c12d48782593a6ce0aa446889f8281cf2d3b60f67e3af268cb22583b82d343e326e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e3f2213d0864f9998f927a307f9fc830

    SHA1

    04ada212f279f7cccf751b52ee16d6d9a95a842c

    SHA256

    3aeaca4a0ca3de0fd3565e098e022161e578049f13f8306163ce09b0f8a55a75

    SHA512

    3cc4f46020b82f0a367e5102acf25436cc02c86c3b8832295cf450e53ea6ba2f44b15930a13cac7234517218f604d016d74988abf954b8bb93d40142c3d023cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b566a02f4718399a428755824d579074

    SHA1

    3774f8eab2ff6746a49af437cabe36e050f3df93

    SHA256

    3f5fa192d42fa0e40be40525b9aa59aa24a229f84fd61870d4b3c7c29d8d0e59

    SHA512

    190b3f6805f07b1a57e868deeb263b95a51dbbf1ff7b9677f41bb5dac194f6af6a59f1726b8098ac575e3ff16e7cc644064a9788e5c42f6350e0e63b8fb6efeb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    75ec1f6d037490993e1be3f213f01a69

    SHA1

    39145c2212be0a485a6879423f252b49a9a77184

    SHA256

    5b1524d531018c15dff83c67268e565fd81862f01c3066fb7baac398709df3b6

    SHA512

    023b3d09e8e45bbc17f1a377acb638f637736bb0d4c0d13ab59cfe95a0afc4e9377ca3166d98d8b806834350447ed6b09ab1b02701e85b7b9bda7076d5eeb315

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    42371123680a27fc5d24128fcebb34c8

    SHA1

    ac03a521fd6cd6873f7561123a18f66ecb006e09

    SHA256

    effc096fe143107659012f704e9b768112820e531352d763263a6c5d34927b9b

    SHA512

    498e8085e45ed203284d5a068a926d6959f116e9df2d7a47ea71adf44d8fedd5629b2c28b35d9ec70ebadef35f72b1d20149e7a1884c0cc3663baefea0b1a983

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9435.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar94B6.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit