Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d2d4cb35bc...8.html

windows7-x64

3

d2d4cb35bc...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    138s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 21:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d2d4cb35bc1de4d5093d8b50fb5cdd8c_JaffaCakes118.html

  • Size

    120KB

  • MD5

    d2d4cb35bc1de4d5093d8b50fb5cdd8c

  • SHA1

    2a52a097f72f3fe9fc1ed2da96018f0a9124c120

  • SHA256

    5d8e296ce729d09ffb498bb27577b1d420900f8ac7e3471a6a0533ef8598b6fb

  • SHA512

    2ca16fbf6927a496a1379ed1591fc65301d9fbc8f6849a0b5b65d4ff37bf0c4b1627fb465c0177e7765201267a897b750f79a746fe4d0172a0b239d6a403eb2d

  • SSDEEP

    1536:4ptJTKLqa3z3xRwTfBMQizeti3krM+ZN+Q5CKr+:OuLtrxoN438DlCKr+

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d2d4cb35bc1de4d5093d8b50fb5cdd8c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2644
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2644 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2688

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d090ed6e5d107bf04d7dcfac813ef2db

    SHA1

    2465310a1cf9ceb981b4825d220b563c1b06f546

    SHA256

    0ee2d0845a4618fec3906beb59a41908d6d09603f396a446e1b0bfdbb4909fb4

    SHA512

    9023540ce41d0fd4d677200b504c86f678fd70447ec357fe5512095ee724de798fffc111df06cac39db51b70d18a1bcedaa84137e39d882a392d8a9d620cab78

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    30c0d66af6b954be8fda9df8ee6a0a04

    SHA1

    c2a6501ddf84fccc5326ab13dedfc430f0402e4b

    SHA256

    e635571e864eec78804d5f4aef8c02e2a78434c18b356b120108efe33be49483

    SHA512

    3a91b0521ec72653b66e1685d0ba860dc508ddfc23ebf101334f7cea39d98d1616a5dbf19bc28f77d811c6950ee5af2fd8d6cf54cc736f8edc8783ad64ce7c3a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    de9f383ba6d8046cfbeef076527fc4c8

    SHA1

    5558e9a29dbbb345e2bdfc628afdf8676d1035c3

    SHA256

    6d8d5762ae8df70d8d11d3d61ca925d9e272d403eaf94839ef20f51f41cec831

    SHA512

    08ad1d852c6ade79538fc52290d9190892f36679c1db45a7c47c10ddf5e9b5e0a10527a67ac5d0b02c1757b61c8f70a17e40acece91888b8b8bf0f14e846bae4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    99ec08f473e1c3c502440ba969c0afb1

    SHA1

    2fb3a302687278f67dc27bddc0b8171ba830e600

    SHA256

    48bda1e00db424262386da22c218ba3970c17e2f43e6b75b67f83537c3fd6295

    SHA512

    2c1977ad803050cdb0c90418038adce2dfc72fcdf5dfb9f238895822a1cc320afb72e9bc45c45940c84c4059d92ddb56df6941bce870899c3ad2fadc4aa5e464

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9a90721dca34e3e1d3345c6c62c2afa9

    SHA1

    0d9564921b3212ff24f99adfd6e990fe6abc8eca

    SHA256

    1fecae91fe9e3875808cb4b60f34f4d8d930257bc723f77185becf4ef568da05

    SHA512

    b85f66516f4006c242eb005952d9dc16c6cb641cb0896a947f9c7e26bd7026505e8248ff80385175d9a6b0e834076c49155d7c1217addd6ea5c5a5822f851a0d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f3d6bbd666f8ce4a2ad423baadec8ab4

    SHA1

    fb6b789b471fb5711f19e2fbadc0e50f35a3c4e9

    SHA256

    12dfe7de49768dcc3250265abdae52e25bd4c36a0bec3d67c2a4878b57d2ef2a

    SHA512

    79afc11633ea5240df6021d43794a14c89d3ae2f112682feaf28573758d704e5ac8311ce06d3a458fe545cb226a69212bb6684a522eff1c370e93df957f84714

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    83fc384a90954e213f8171ea6d7ad24b

    SHA1

    77f2ad1c6b624d76fb2ef64b03a220fce028eb9a

    SHA256

    8ecd96ba8b3a1c7a58fc090855ef367b0350890b083db6c8b0d91b56c9f67d0c

    SHA512

    4e8a5e018ac2f3b9a84730407f06cdafabe6da3838224f8bc1e59d52309914d70d9470d5f58a6ada76f87e93fc3ad23d3df650cb6766c82b5d36c1e5b7bf263f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8f3d402bdb6ec5e615bb324e03e242ef

    SHA1

    663926ab48d343f56cddfa545d684d7f105dba2c

    SHA256

    3c7d814aaed19632e18fc49d374667a3b50bf608268afffba621fce2075992f6

    SHA512

    17c95f654049dc398ebcc5bd809943ec867b82f40225692d8173126a7c3769697a93829c63a228b57e85008f235d1a4eaab81cd24212359cef182b48300298ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    610cc8265a3870edccc5907b824f7636

    SHA1

    ebd366a44c56e69d02f92715d37b605011cfe677

    SHA256

    d2f76ee5ae4c456b4f12341c2995d81a8af4b78b0ace6d4c4d3020c65c7223b5

    SHA512

    6b2b48d5b9d4a8de579f02a91bcb83942dad4de47aeaefd9b2ecc09f68b8aeadd3dcf63a54efe0e4a9262e120571239b8730ccfacf82776f956f526fdad92e2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4b8cab1b99f2cf57804203e15e00f7bf

    SHA1

    ca0b9627f3787333ae201433a976c178e0cf2412

    SHA256

    5aec1de191a04978546ecbf2eb51e2265fc66246cac4443d26fcb1422e9f037c

    SHA512

    d2bd5a618b30dab77b5514825978af8007be34bad6f8cf1bb141fb12c45c73c48ad69453132ba85763c8d56c9bacea1b7410fd2db6458013eae23a265d7603eb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF9BC.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFA5B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit