Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d2d70cd034...8.html

windows7-x64

3

d2d70cd034...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 21:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d2d70cd034c4034e5e26bedc7f822a5f_JaffaCakes118.html

  • Size

    162KB

  • MD5

    d2d70cd034c4034e5e26bedc7f822a5f

  • SHA1

    0631520b63d2efd034060d64288e7c4a810d8460

  • SHA256

    a802fde0408e17df5345b98b913034f291b6d50402d7673996ff3aa6744fb376

  • SHA512

    d4ca144f9015b4d749ec49990a400959dba51c57dd3b97a2ee876871cf8ba2b592a96f28bcd46bfb8e59132d75371b5f0efcf6c7dc32016c4672a1fb4ce119a5

  • SSDEEP

    3072:UwbmcAHHUQgfKgu74oFK5bHdiC/Cq7UKW9DomfGFjLt2jdpCIQKtWlkeNVMs8sMm:UwiDC/Cq7U7omfGFSpCKyhK2

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d2d70cd034c4034e5e26bedc7f822a5f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2808
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2808 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2832

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199
    Filesize

    854B

    MD5

    e935bc5762068caf3e24a2683b1b8a88

    SHA1

    82b70eb774c0756837fe8d7acbfeec05ecbf5463

    SHA256

    a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d

    SHA512

    bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    1e0c01e4e93d52ef16f3b669214b04a4

    SHA1

    d33a94ee7a36cd526a804016104a660d86044627

    SHA256

    46c9c707b6b946d2ecb0d581784dea6f73c1a8af5d7984c6d42ccc19e59e135c

    SHA512

    0f9e27b78900a45499fc97d1cfb8e846f9b04fccc062f34d0add23ee56d88a0e485602c8cc31fdba792b4c5e973398b3ee276b234d64149a0df06845ba7b74cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DDE8B1B7E253A9758EC380BD648952AF_F968CA97A68F4E6D5C104EC7FE3DFDEA
    Filesize

    471B

    MD5

    0c583c06057bda6e85f78bdf13c216db

    SHA1

    0cab9093511506d69c94f3bace042476e8839f0e

    SHA256

    d645b451f9d6f59cb519a9aef1314a72fc006a577198fc45497293b95c986fcb

    SHA512

    2aba68b0695093faec6eeb59f53d7e9e40e1b8988b38fd908acea19b1a0a7a364b2f1e6168f07bdd9e47fbc66534c2c0be10ac8e65018414ff3e66d302a2174e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    410B

    MD5

    e0203c5ba4fb59953e98159e121b79ee

    SHA1

    61a4120fdbb3d4e8a675aa8359174db823664bfc

    SHA256

    f6e55c7388a29a3ddb181d3c1928d4ace2412442ae5c4235ca373b5d910b8e99

    SHA512

    7972401e76cb7f8191d1d9cbcac8aaca4afb00099c2bf49446a1a445ccfc6a4ef71dde41879695b5096f56127c727d91211240f241c33814cbe59d4a04b590b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3d8802031cb1b32b87e638f2282571e6

    SHA1

    db3dd7b14edfd0d4b6aa1f8f020a2649d3b722d7

    SHA256

    cfd75f3b2734640cfd94ddb3dd3bd42aeb75b65c29c29773043077a6e0351d9f

    SHA512

    4e30d6597edf5e3e6f98cac8c0e1542025785a7a7a3c2bb38271eea7860fd09a495698a9fd9d208f486fcc459e081b3157ddfce10cd7cb9a3d49375450e847b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b0f55fe01f942631eed319369334aeab

    SHA1

    f3eddf8fdff5c4568a35e93dea977da99ba062cf

    SHA256

    cb01212e7f1af747faf2dc9707fabefcc294b2df0b2a3451756461eccefa482a

    SHA512

    38a3f58728ac47ea11be7990d6ad57db8ebdef4216db38fd9ae8359d7fa850d1c3bb5bc0e6a836a7baa8fa76158ea299c06da94f87da5987bece72aa901b0a96

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4b34d9b1ded176019aff0d003bdbac2d

    SHA1

    a950c775e33790ded137f2344e26679f0ddeb32b

    SHA256

    33cb9d205016009ab0da2f4960699aa42e546fb7b7dad7416e4ea8cc5646c867

    SHA512

    381af98b4fb959ed653f06eac9b7a9543a7a5d5872dd0104afb854dcbf6e7e14b1d85fca322c20d49050479d677071950afcab37bf7ea23f88fe13479cd6569d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b9cd6761996410e62a61221182d5189a

    SHA1

    d34e14ecafafd0d5d17e6cefc427aaae6d6db5be

    SHA256

    e28453c3763d90c0e0b4b7d553bc0c3cf2ec6f9a0a02946257366b975e9b78c2

    SHA512

    0de7bd6241bb9c13d0e5798fcc175ab806e7e95e0e35785d91c86ffc2f15004de1b09b26e53b867df32f0db1c0484aa71876bcb381176a8f8e3533a31559e5e0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3de8422fc9c7f959fc08e464b542f22d

    SHA1

    3fc3b753a536a4f338cbd99653c425cc8a783200

    SHA256

    36ff5bee67071762fa47f178dad1a10268ecbba03e628201a3ca0cd6420131ad

    SHA512

    548b2cfd091bb6aee7091efb1cd2aeb446d5740754124d2246d902b50e3de04044f8c876ecefda2bd465c95ef6a7fc4c48e21b08ce6f32b69b33db292cafa8e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ea1cae9a010c43339b51cbe5d76fdc68

    SHA1

    85e3461d903cea210dc89644f64034528b38a66d

    SHA256

    c62fb85e619e046f34202bd5f652a219a63121ec6d038477c1460f6d70bd10da

    SHA512

    c9f0926f79a153a482df34922f2236f9fb3e879187652666400df0d8911f750b2b501958dee95336f311f446bedeb98058d56334da40c9ea2d66ec21a778ce40

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab910B.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA0B7.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit