Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d21ed6c2da...8.html

windows7-x64

3

d21ed6c2da...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    143s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 14:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d21ed6c2da7a8441149f444797bd0d4d_JaffaCakes118.html

  • Size

    91KB

  • MD5

    d21ed6c2da7a8441149f444797bd0d4d

  • SHA1

    2281d8f67a860ae77ec1587e4e08d50da440b420

  • SHA256

    609cd1d9247702bda3a659d9638ec43851a7e40085c2a186484da253d3b22665

  • SHA512

    f5cbb6b1b88ccede2710a0679b07c340920326a043294de0ddd95ae5091fed07517bb4e131d5cc410dd2ccbc1ae52add898f3a64377e6192d29d2c5ca0d6a4ff

  • SSDEEP

    1536:GeJQfpB6Q14w0Su27Od6QY4t6ZbAagdmyb49M+3di5yp4X+OAyU4W8IMETymJ4d9:XA8g4Q7NF4YAV4Hd94A4e4bQ4lAgMrgD

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d21ed6c2da7a8441149f444797bd0d4d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1564
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1564 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2548

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0529adc8b6c46a3862f10d5627a522e8

    SHA1

    6bcf853ade48380d472e8c49fc58c17675017077

    SHA256

    df8e1e80ac561ea32fb6f0a7eecb5b87431bf04e1f468676e5ea8756b34ebd20

    SHA512

    85ed4534e03f5c174b858aeae248efe58b20003c79244a46079c3f2ec261c1e46ae2660c0ecafa37a3e6320127798b699bca0ce92a328d0351bd5760d1892388

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6ec3abddb8e4429a2a31c84266b6b662

    SHA1

    abb2b94fd6d86adaf9e16f16b1bff3f8bd45c062

    SHA256

    5afcb76cc47e4a6e79c7c4fbd226f61422cc75a555a6459933e850acbf3088ae

    SHA512

    db86c8da3a3ab37f8df22d2d8f528cdb1ab40a8fd0396ba903670d012ba40addd159b0c5321fedbaa7d7462c9fc4633d28dc6f3d5d61e7a18f00f2d83fe12475

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bf4265f879f396b2f294cc96217f9b2f

    SHA1

    73a96a0c5d141e6f2931a8fd03548fcb1e42e6af

    SHA256

    0e28640b034ff7949ef680055645607a7f274cd268a3220f975769fe2b618a2f

    SHA512

    015a09c4b57589a156721d6d0eff04783329582a2ea06ed7f843c71edd3c8feed1d216a7d854f23def95c41f36e89e23a8a2069c5c436caf52063d7fa36ca3f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    42984fe65d68d22a1bc4b9c1cb444c67

    SHA1

    5c06f9caee5265fb422651fefc094759ea48ae9e

    SHA256

    c2114b58be5e6b6b01d70681958d27ecc0b081585344d530d8c5a070eab0bf98

    SHA512

    8ac4d2997293d27ff6afb6b9d4d584dd0b7e51ae994e8e52fbd8ebe4e592dc45fbceb36911c25d10687276a64a0a4b35b2c78efb0348ae5cec7a9301f73e3826

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3f6000b9b0d76f2f60b38d53a417644d

    SHA1

    f265f44a199a5a9357747e4e2d216f462f0af217

    SHA256

    8254f8f21399d5506f34d055371beeef38f6a3c969c1b1d201e42821a0590dfe

    SHA512

    8ceeb5b36e300702b58126d6e60eab99e93c99ecc2533f58f1838a9fec101fd66a1e8c248599a05bf2ba69715df26c6032545074fd2d4c7149e1db3dea2052cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ecade8d099487fcd3f189c383007a85a

    SHA1

    b04fa2d991b9abcbc5a71cf7ca06fce3a4abcbb2

    SHA256

    278ab6db3ab78866e5e3352eec03320d986a8eade854f45cd0c27d28aac4ada6

    SHA512

    992ca0414b7e60cf57ce862425f9201a85a5d288a09d95dc28189e20413e284a068341bea47306ba515a03ce1b8a264f500249498f5e14b7866b8bfcb994fc92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eab25c7a5d2f4378c6e1f4d25d31b1f0

    SHA1

    ec8c2aa84dec99e5ba74a85742d31a6af842f0fe

    SHA256

    562cd7a81bc41e824e6f03d071c331243577458d82410d1ac059a1be1ebbf4d8

    SHA512

    05951c74616712aba1f231def006f21d4a0a2c8e5cfc3f23cd54231d70946a66fd0f82498f970ae7d3690a471dea84cbe9a286cbd4bb9c1f4a0874f4f3b21a93

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    74ded1d029153726c1336c416337146c

    SHA1

    4a15fc3d1e1935ae4bf25528ca5b7c14a0863c1c

    SHA256

    9d20880702d40b39d2f718b8fafd7a5ba30c27d203898f0a1d52797e4dd5d886

    SHA512

    6cb716a3f5d2e696d6ebf174292cc7380fa742abff8dfc8d816ef8c8556611541e1888d0dc263e7121813c8da1dd75c9f5547710eb59d37136038180ec315438

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b68a2ca9e34ed923c675d62ff85977ac

    SHA1

    d5168bbc7c6f6fd9ea03886d92d676f8bde60de7

    SHA256

    9d7c4b7f43128e37664f0922360a5c83e163c88c71d64899ad9eb0e45321cd37

    SHA512

    8dc2833dd76e85c67c6d08597ff0cf7f557f80fcf3b16f7a25d26c6748203e9db66915b14d00ebfeb68770bd8b5356f388efcbf69d782e92511bbfccefd9a6d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad7fb318ad0566e96c9761de726da5c4

    SHA1

    2c4fdd0396c0317bea792ff90850fa2fb7d227c3

    SHA256

    e1210772e9c11031f09baa4649661802b67cda0957ddc02f027178ff56e1a6f8

    SHA512

    5654e686cf1b61aa6f35e35a373d6cde88e3dae32aa7ad3e5571238b6fbad0829ca09077837a7240ea9281a853b39e50d8b0f6685f17574acb9d3e37e1ce859c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab501.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarEB2.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit