Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d47d1c7297...8.html

windows7-x64

3

d47d1c7297...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    08/09/2024, 13:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d47d1c729718c36a6c099696a9a72e86_JaffaCakes118.html

  • Size

    21KB

  • MD5

    d47d1c729718c36a6c099696a9a72e86

  • SHA1

    3b95515d4eadf28049557dd2266ddf182291e7ea

  • SHA256

    d6be8077e59fa52185d108bd4b9f13d6fb14782627e36e4196ddd4963cef28c9

  • SHA512

    ee2ca1645d99b26c41ba23d59ba5f6c0923c734842b0860ded8672fded6a2b928a43fb17e619c1f255fb87332bff25cef89892c01c488efb595b4fe424309ba3

  • SSDEEP

    384:2W9lVTMDZKb+cyBbKbqluyUqhiL0/exr8jFGaM7iFznyfMFrS2sQtNFKpBY0FhUA:73i9B+GluyUqhiL02x8jFI6rBHLKpBYO

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d47d1c729718c36a6c099696a9a72e86_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2916
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2916 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2704

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c19eeb62039084483ea021a1c82e8a84

    SHA1

    06c0574dbb1870ce5a23037d894c9b4ec616ae8f

    SHA256

    1ea6aa76676a5f2dadf05c862e9cc705923bbab3fe3704447c57ff4403556322

    SHA512

    87c1eb44be20dcbf280999cbdcc7156562a6167cb3e0d78a9c9611fa5396f3311b67163e93346ff0ae6457325441cbea788daa55cf705698804f005c89cdab84

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8dbbce493be06b5e9c5acbeddff1939d

    SHA1

    7b79bc494ef394b90643aee16269a1227a5409b4

    SHA256

    85a5c1f9dbbd07d2eb60df2c245f97b3f201ae95c464411d9b951a426b6ddd5c

    SHA512

    90f6abfff21164e19ec4025c0122412ab22c505b0bda2de5025e526b8e67a905ce7b765109554bd5cee55bbb84ac59a25268cfe15826e761eb76df1b0cf781c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7f5fe6eaffe18e84711926e385a86e5e

    SHA1

    3b80e735e8422159dc776a6b5fb8a820bbf9c576

    SHA256

    c4c58a22cdc42429c777e4b78bd7582dfbf5524ceefbe6d6db71b1de545a01ec

    SHA512

    80563a6d998cfebfdb7756ca5a6b1b6880d3bc1f2e410c4ee42e28b1e03f2b05e7ba52dc794260ea255265ff0ebf41fc08a4551dc2ad8204fe88540c908c9af1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d48c3acf45bfbb4301fcf9803e4a7ce8

    SHA1

    70d04ce866c15ec80ee2429a174a2245cbb435eb

    SHA256

    beb6b452171e37e21f34fec79a58ce6d0695e57901104f75362e22bf412c77bd

    SHA512

    04f245babda733cfecf910e878b6ad8304644b3d76e1b17870666c72ef095fc079d2dc9f409edc4ca3a993151de2811213ed504bcd9cad4929bed1db8ba6b750

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    682377e88147c9194d8e0d677cd0cea9

    SHA1

    f7e756ac3d2ce45f6784bb1b3aab1edce9f91582

    SHA256

    bf3bae97ccc31d8815d04b083abfdc0144115813530abf5d47ce2473856480d9

    SHA512

    e518a65b7d12bde1f05ffd00cec7a226e97ef0e19e0be1da417bc4db6aeb5bba47e836f3c8d28c286059ef2de7da86938215c8a542cd05c5fcd718112d24fe65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1b210df0c380cd2250409ff44dc09b68

    SHA1

    97a37a251fa9123f34fbec0c101ccaac70c6df33

    SHA256

    79460b18102f2c88d392646ab894da7e5cf6f048e45b49991d9dd67dda91e493

    SHA512

    0d761b9ecdd661b18f6099dd149b915c8d9b8892acc8f4e54f30597d8ae40c10376713bc8b093a72e6e1afd2298e9e22f5ff2c326d5832fedee1fc013cb324c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24f4bbceccabb63f420f347fb0ce9bda

    SHA1

    4bfd3c0acc0581b8a8460aa577cbdec20c79911d

    SHA256

    82c8b55444ee5c6b2b053e17bc4b57e3e6a5d24b06dc31fc7c2db0ea41da50c3

    SHA512

    26a1009faaa60a1fa43ee091b6364b1a1c52a8639f17fdd2c96034544a211a3f68a24bdb3a5359d1cc5532b53a042feb237bc0f06d550dede53ca3aacebed510

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e74f467923ca2624921e6fae32e396af

    SHA1

    42a15e745e406c05458104141657ee6e10f9cad4

    SHA256

    a06c06355a74759d852a908dd09fb24e50829e9adbbc5d393c90ba3d4ec19408

    SHA512

    feb5fff58331d1823cffe789a06dad092e3e5ee68bbbc56ed27683709596db4f93f21ef777ce135e658420bc44a5e58f8f5b9f35ea6c1d9bccf00f6769bbc538

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    492f78210419393aa99515b2d94571d3

    SHA1

    9b49c08cab9ac8a66e0b3e6a3376df247cce7493

    SHA256

    9a264529309943588de3f220778028f6087f87a68c46f02131ce4766a6a7381a

    SHA512

    7f981f3f70b255708dc057a1859e022593f37c621772ff87704df37845b8dbed01f5c945f1cc19524a6f39c055b826d16737a48c1d887aa6325c8567b4832035

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3A9.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar459.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit