Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d44a7e3899...8.html

windows7-x64

3

d44a7e3899...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    08/09/2024, 11:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d44a7e3899a08dbe20be2c89569c8a69_JaffaCakes118.html

  • Size

    38KB

  • MD5

    d44a7e3899a08dbe20be2c89569c8a69

  • SHA1

    572591971373282b2369ae515dc4034e4c83f706

  • SHA256

    61f5bedd9431d310db53f6fe509f014c145e0efb083326eeb181d74b2aa9d4f1

  • SHA512

    6e9933d3c1d750043749a562c2cd4c25cedc058a400d40f23a935af2a5e51752bf846fc28d4feaa1cb8ad335024c5b2f6c8761e7524ce82a90d4e8193690f87d

  • SSDEEP

    768:zwx/MDTH7T88hARIZPXXE1XnXrFLxNLlDNoPqkPTHlnkM3Gr6TG8aZ6Nx9/6jLRe:Q/zbJxNVzutASF/H8lK

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d44a7e3899a08dbe20be2c89569c8a69_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2472
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2472 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1808

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d1c6b1f776b7b719b8c887b4f802cb20

    SHA1

    44cfcb801a02dc510e5cf51affbef3c809c414a6

    SHA256

    08122ccf06ed7f176ffb9d8c4423063cbe1abec82a3bb0b25a212b788c190204

    SHA512

    750e43c15fe3e8e10921e0bcc917700e88f61f1f8cf5cbda28a0f94a57cbb4cbad889cebd090801bf903451f35bed8742081cce4f97066768b276debd46e71fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b7999c9e082adb001c620605ff608985

    SHA1

    1581385b4784a1340d9c54530a0f717f64f31bef

    SHA256

    24b9128117d9f394c583fc47fae0598763c01d4884026f5f9edde812765f49f7

    SHA512

    6e440845da65ec6f65b8f2b3070cc621c1751fd24a0bd937e434ad4f29e953d4c21be088b2f8abd8792c1f458c09027fa643fdce0f29b801238c9b577e55a01a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B2FAF7692FD9FFBD64EDE317E42334BA_89854CA6A0F0936A4D2ECA78845CEA25
    Filesize

    482B

    MD5

    c6f501cc3c06bf3019834a2401b1da91

    SHA1

    710dcb93f58d6b81388c9c87b099b97fc9065de8

    SHA256

    4a8de0c824c9df3ecbbcf84ab20790bf16267e48a177acd1ab111f1614387f8e

    SHA512

    730419b38cd00f17902be141ecccd418b8bf710dc446b016bc00c47a7e366538eed8f6811e0f406b5f29f5d19fe8e85dc4d9e055cdaa49955e4d4b194a4d7f5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE330.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE343.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit