Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d53129a10b...8.html

windows7-x64

3

d53129a10b...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    148s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    08/09/2024, 22:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d53129a10b8b0daae91360ae40194bba_JaffaCakes118.html

  • Size

    869KB

  • MD5

    d53129a10b8b0daae91360ae40194bba

  • SHA1

    b178b4cffcde8f6596d1c2e35196c9fbc2f3ea77

  • SHA256

    0cae9eca076963b0d2fa1d57491a41df80882eb5b40a4dd8b5164566041aff7c

  • SHA512

    65d28fd2c043cfa4743e79e5dee60316d18c75b4f30d6e71c3c89b767f1e57ae59a34514a14a338dedaf79ad0b480b626c0e1dc79cb76fba5a7c81b0cceadd5b

  • SSDEEP

    12288:H5d+X3R8mU9jFi5d+X3R8mU9jFe5d+X3R8mU9jF8iS5d+X3R8mU9jFk5d+X3R8mY:3+Wt9BY+Wt9Bc+Wt9BPo+Wt9Bm+Wt9B3

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d53129a10b8b0daae91360ae40194bba_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:856
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:856 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2440

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    02dc4004e9fdc77cf8d6f92432cf7513

    SHA1

    2cc81714725ff7b9863815be8263e37977b70f9f

    SHA256

    5973e6091c9f665e63e6b98097eb665aaffd97f124d27b62b4448c404ab7d549

    SHA512

    52fefd2e4a69f41b8ba5c7e2d57d9295a34ec07eb58ab27296a30186ff8a90b5e355526c89fa511e8db3b47227f3aa437e2080a9c423cc532710bea305d799e0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    46bd2a67a73916c0ddf86375be557e5c

    SHA1

    bacc82c3eb5f79392be5deb1d308e5ba723db792

    SHA256

    c9a7e1ba06b662040a508615d2a33877539197da8e994cb0d9b9f649ea0818e1

    SHA512

    f376b6e3c0b1ca1476bc9cff800afeb33bda7a9a8e531dd2e26582bdfe96b1b1b41a4f3d867e863d2d606a7be36ac2bb5fd66deed237c26498faa86b1acb8ef0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5cc67c5cfeb86ca63d665e84c5f3979d

    SHA1

    257e3c0cf019c59d88e90497013c657847375889

    SHA256

    6369fdbcb64bb409fe982268a1745e7063f8d570abd47230d65183c1c0f8e34e

    SHA512

    c081c9b7326404292601fc9f5d50cae4b32c93f97fe9dc67e34eb84b4c3cd89611513e6e312d8268db02a2ed4ec89ee4e9f9e5e0e4cc50bff8ec7cdc87442536

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ca0b28791e88a873c064431fded95ed

    SHA1

    a905066558703050bbfa37dee309dabc87ad588d

    SHA256

    3e4a32a457e933369fe0250deedf4164476821ea3fadfe1767ac379e699ce56b

    SHA512

    c838108b2488760ec5635559fb96f4415a03847e2af67c8b1cbfbf06d1778a55146e11e6d61ae5655ce27faf5b97a6148548f5c44d5a785b62c0056ef5732bd0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    415bf8e85355f4e1603e79342d057759

    SHA1

    b2dd555ef273aa26db37c72dfa88aa7e453880a9

    SHA256

    96d06332ba1d2a27fecdf326914d17bce69f11457f6269d451b19c037564b009

    SHA512

    b4e35c2becf698b0f59486dacfbfe04e0be3b2cd16b03c703742d2531882caf02fabfbb134e245d48587d4efd4c425639c99fd2f93b33f9180716b123b1d6a87

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa8c0a839f7bcc151cc93ccf8a416b2c

    SHA1

    84ea20bcc6e37a2a030b9e299d883212c20109dd

    SHA256

    02fa933675e6c344767f2e5a4ec23193af70e0441b2a17590eee314efada6d76

    SHA512

    d264e32594dc5671e8f0f00579ff980affa83f5fc05a002a4834625c751cef65cff597a3d80933583fba45ea9aa77af11ef2e8e6b66d60aa374ce1f6ccedb447

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3559574ccc683aa0c1d7b0f2893281b3

    SHA1

    4297cc4baedd86ad2e73b81dedfa933a5ad96cbc

    SHA256

    9215888107c2badda12353311d4a78455a0a3fc8d8ca8e52c5f54b1f2b4c60b5

    SHA512

    c3630535bd893b3d901c9c4374e071104782dabdd305a9965f095c9325951141739ad758e9a203645bb80ba6cca436cc2e84ca2332a2aea084b473740c02eacd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d2b905e57fe090297fe8ce4f90c07d22

    SHA1

    171343d93d54b28983086daa12cfd4c24320d7ac

    SHA256

    af4055fba8fc73096b7c341393fbb908df319c435a3e05c56329d148f9de18ec

    SHA512

    2801dc7b774d3a2c277d90babae96e4a0434d6dd56de6ac95163da265d0eefa03c9913937c32402814e3d7fcfe1f8cb79395334e2459257309918f6dece514fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ff9f318d55de6b34178675f74585e300

    SHA1

    7867333252e388f56a57febf25bf538baabe8376

    SHA256

    7d9d6ac734106f6079a93f3b40d29f078ea37a8146a32da48d943dbde34c3f42

    SHA512

    4447494b4deb61d4509ea2820a6f9bc077cc85f16b2fedbccafe05f468be9ce162253797aa0d2382f12945a8c5d1c03efbfb657688e18ba9eb8b96e4d665831a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD951.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD9F0.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit