Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d4b579d0ea...8.html

windows7-x64

3

d4b579d0ea...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    147s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    08/09/2024, 15:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d4b579d0eabbf4e0c0185bf806f5d1ac_JaffaCakes118.html

  • Size

    4KB

  • MD5

    d4b579d0eabbf4e0c0185bf806f5d1ac

  • SHA1

    b8e74bfdf77538f47b3b47cf168951e034ae1261

  • SHA256

    9afd42976ed81c472e44fa97405a5865a03eb3d408d19c1eac225704a4b8025a

  • SHA512

    eee0986d588607f419665da7595eb12632b5bd32f24d39592e41ec1dff8a322fe63065eb478fd04eb6346819ed67dd30cbb55efa7d5d6edf62d6c18fe275c63a

  • SSDEEP

    96:Pk7yJozTGknaEFHVKDZTBJl7sNjtXATIQFMA5e3fhrvDJUgwa71D5iJ8otqUXCEd:Pk7yY1aEFHVKtF37sNjtXATIQFM93pDM

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d4b579d0eabbf4e0c0185bf806f5d1ac_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1088
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1088 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2808

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1267432339b549554c408b82cb41861b

    SHA1

    64f195e9da792c7867cd3b29096cf41dd1061ec4

    SHA256

    0020875a229e08ccfb458fc05aeebaa034fdea9e198e769cd8f4f77f1059b5d2

    SHA512

    4f010ddfa4ff16186aeeaa48f43bc6f29f141796f88187cacc02fbd8b91bfcecd513c0cf59d3faf780a6b5c01a214077bf427cfc99ef0085bd81d45ceb90ff00

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2a12a724372073fb20a2aa47bf0c596a

    SHA1

    cd06e8288d7ab6c9f763911d74436a5908307f59

    SHA256

    58a447c7d526be504448a72e15b28f369e52e10b6e4f90539346f89bae8bf52a

    SHA512

    86d92ebc378647ccf28648d725cf7ca15c02c586968e2685ef342c06a4e70ca754d3832d687e3b370138d34b4a7ea07c7a61ce9743efe8502fcec7359ef1b148

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa5f5d65387d9d6d77d888ce54066feb

    SHA1

    95b0af4cf881a181e7c339485554eef478779ffa

    SHA256

    c06192ce5099a2831f239825bacca8b58e4514a9c80334e73f82bf1e599a4bd3

    SHA512

    ffca5cd82db8e5b4023dd78f897821161f1c3781f2c7dc75ea31d460617eca9a481b48f433f2279ee130a92520543974883a28e872dc11652c24bcc336306c45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    743d1e41b43ecec4306a7bcace157e62

    SHA1

    1ed978321d607a4a03cbd9ad493c7115a284f468

    SHA256

    394b61219feaa830ce7a103cefd3ee34c3f5850b2473a4e5b5e3db8ac9422cf5

    SHA512

    cf50d0eba48d8f73a11d26abc32d7fc886815363b0df52d35e893e430693cf76943b2fe0590a26a193b44c62892dd0dff677bb7de7704f9495237f35ec72e124

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2EFD.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3144.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit