Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d1aa6610fc...8.html

windows7-x64

3

d1aa6610fc...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 09:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d1aa6610fc1ddbf5f1960a0fd8578ae2_JaffaCakes118.html

  • Size

    6KB

  • MD5

    d1aa6610fc1ddbf5f1960a0fd8578ae2

  • SHA1

    b1312235c9bd7a7af1c0c2abb28e9bdbcae16ba7

  • SHA256

    10dc955a11c95d22d67cf380df0b93417c2406a4c8259510248c5b59851bdd27

  • SHA512

    12ab5a97af2158498a6d0a65e654d5a6308e95ee50090431dad37b2fbd04250e69826eb86169f9f0ba0a795ca0f610db879e188b7fd95b28dfc74a50978754a3

  • SSDEEP

    96:+IVub4Tsuxe5nLlQ63wZUWRwHW1ugY9BI/M69jPUwp9v+/DLp:+Isbyo5hQiPWRw2lY9BI/M6hPUwPS

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d1aa6610fc1ddbf5f1960a0fd8578ae2_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3024
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3024 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1512

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    29163a1a2db4a7b13bd0f9356b09ae6d

    SHA1

    ed19639493dfb0a16784ff30e86fced208c68a18

    SHA256

    b1b9aa1e7e92c9f950fac9ca559cbd2655691d737b800c3c611bc103bab5a1a2

    SHA512

    0cddccc579ad4d23e6e8bbebb1f6d810541e86560af3a4a453418619febfa78521618a252d1c66e6f14c6dc9405de403e93f86924ff74b0d628121fc987e3992

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1643a28003f694ab10873812f92a98f4

    SHA1

    8260092e31ba6ac9954b700cb62ea44952e64401

    SHA256

    a381376df9de0f64837137560284a95933fc0cb09f36a07c791ffd2198c6da72

    SHA512

    9124c3c00f76d338d083f9d9f602ece17fde8cb556ddfcbc3a24f9f1db8a645690376c5ff49ee0c35344245a3d086d6462641ba33fb5c9c36049fe18eb1fa1c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    08f99a0c5c9bf0cdd8b29922da88f603

    SHA1

    ac89484c84eac081b3bc43fed5acb3f4c2fcfeeb

    SHA256

    eb46f3b1737b1f8c73443618da31dba38ebd4dc4c80a36f8037f5677b94c5de9

    SHA512

    b6d30533763f2838dbe7494087f1608d289d0e0bd580d9d7cd517a33b777319c85cb666fb2311f934f7c543748d08dbda1e4c2b48a81903f23d342b26455f666

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4df76a999f7876cce451e7f3f4db3fd9

    SHA1

    63fb5392cc7993bc90b0619d37ad00c55d94f773

    SHA256

    bdb9e38f3775ac2dfeb1950a6ed701f1317ea93e6d4a8e9893354fc3adc0dffb

    SHA512

    60be7e3b416492d10fc4e79cca45512917c87554618cd6186773d8a56d10bd18c6e91d4340baee121575b5f91ba34823a9801690c0f9ef6d6c1474c0fbb9a36d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8fc2bc3dfb463a67286ebcafbb57f205

    SHA1

    94a291b02bbaed83bdc019649dee0727836951cb

    SHA256

    5f596295dd8e80bea7249ff35cde6ca0f937ed7c1a4126c12ddc2180f4bf599a

    SHA512

    5a779ed20ba2623cb4ec782986506b37fdd3347610aefcda3496420480f6c2888ee8191b02d9a14e8b2eaef99bcdf4b7ad8ed566e4f96326ea5bdcd7be9d23b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b441ac9d95f9210bd51e50e71f8c6fb1

    SHA1

    b41bbb9e201a1e5e86bbc8cf0cda7d1ca10ac1b3

    SHA256

    6cff519258ea115af82c3ad7c3e2e85cb2949e65cf9881774eb88dc7ee0c6b20

    SHA512

    d494c8520b11a516ef1d2b8146c87955bdf31b30427c2f05fd42e3222cab8e63e0e2855b9ffaf962bd1500d18859c0ecfc03ae8cb81e9689c224bda4281f8858

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0fc6f725cde218ddaa658f521536331f

    SHA1

    6782800e0c53a6dd9acb030901c2a5c6a86027d2

    SHA256

    f956c7ffe30d4bd78a1f5c617f2b114cd081e7a08119720a62c8005ee8f211e3

    SHA512

    231670d0d99aa0a6074d346b2d30039bff94740a195fadd60bcc7169c7980ed6fefbfd426caf04869036ffd10758581e631d1b8f374c5630f8006598333e7574

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    03c12c399dcd6274bcc425e3382a462e

    SHA1

    6d1d56cbf812bc05de880548dd41a028aab10fd8

    SHA256

    d07bba8df468efdebf8a9cb4790f25aa7443174c709f561feb1789816652c2b2

    SHA512

    db0571497c1673ddad9d5c5346fecbdb1d4c8aa188248df97d092ed01a86cdad86273ea80d19e6b1174a4f42622b2b5f42d650793aecff043f8cf3eb7e1ea712

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    87e44714637fbce8ac4a76d18f2f9a56

    SHA1

    fc06f8b0e93d2695e27f06d7a0514e98a0c5e853

    SHA256

    3d404e3dafa9a1bd7e50ee82a5d8e8789ee1b489088ed5f982bc48e6ffd42f8e

    SHA512

    ef1ff72db2685a2a52952e79b92d91b64e78a368d35cbdf38ddff2c847fbfcd2623fc3b7844bcb659375a06d1c38b9e5cbb883fae103a9f38151bf2da019310f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4debebffb05bfbc95a2e9a36299f2537

    SHA1

    9a9e516bd7afd22dfd7dada072673dd61eee41c8

    SHA256

    4d43a812c6e8357d57e33f19b1b309ff836917f3598f5071917ade76f750da09

    SHA512

    110bdb789f59e06ca70f4fe3d2e575d2ab9beaf062f19ac0f194e2a6df26b5bc44976e073fd0871c6c6970aba996ab022275f6110a72306ef539a472b63550fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e59e2fe32e045b99cec9f0055e3cda48

    SHA1

    2372d8824588375aa15e1d3637a12b6ce95e782a

    SHA256

    31693c57809709ccc8d1d5ea1cd3ebb6fd15e973693b1afd3368b996662097a6

    SHA512

    7f13f984248e49e6424a6f504f24f6946ddc58d9475c949c25fdc0a08a54c6c440e303a51402b9ea614ac635a8abbdb65c93c2ecba6cfa2a56a4bec780d00db9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4bae5cf71582309dba184109e6fa0577

    SHA1

    da792d1f8995620e4b4db06b2f503bb935044f96

    SHA256

    5d9c4bed40af8c93c5fabaf5fe1c0816d51db44cd60412f9305631227d9a4e06

    SHA512

    2d55f69eed2e6948ee169ef07f65536995eeab0b4513464d4d5efb18d7455ef1b9a8dd1cd002071ee07ffc9cb7757eb356497f8680bea75038c88b26ebd297ef

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF54A.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF5F9.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit