Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d72a71035b...8.html

windows7-x64

3

d72a71035b...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    09/09/2024, 22:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d72a71035baf87ad3f435c2a6fdedc90_JaffaCakes118.html

  • Size

    53KB

  • MD5

    d72a71035baf87ad3f435c2a6fdedc90

  • SHA1

    fc94adcb6f3a07a18cc3948c728392ffa25e478b

  • SHA256

    982e38c8561b440b6ad126afc6c56429887cb8f6323791f5fceb7ecc380955c7

  • SHA512

    de5bc51f89a743c685ebfabfbcbb040d4734daa677a0a75cac6c87cddf73ace79ef829b1638095fbe5573dad4ae46bb5ca72e503177bfe8316fd7a03af605d92

  • SSDEEP

    1536:CkgUiIakTqGivi+PyUk5runlY463Nj+q5Vy0R0w2AzTICbbQoZ/t9M/dNwIUTDmR:CkgUiIakTqGivi+PyUCrunlY463Nj+q0

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d72a71035baf87ad3f435c2a6fdedc90_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2300
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2300 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2980

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    239c05cb1f4e1445f5e5337bb636c8b2

    SHA1

    822ae73349c8a2a34524e2402db1c531d4ddf7ab

    SHA256

    bc12d594b58b7984ee2f993827eb2ffe89bb8990f87a794beafea57f7088c457

    SHA512

    b45c3f01d4b6b09adcc27fbd87d7519955625782dc802c8618a608f7fc846a5f51052e2b965521ea95eb89beaa964289feb52330fd483785f931b8c4803d1fe0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    796cdbf3c185289af2af0d82832287d2

    SHA1

    4fe06cf069b622b5596c030a65bea98b1427143f

    SHA256

    bc350de953b7486904f60760054c7e9e72bec94236815c494e1089d4acb116ae

    SHA512

    aa6c2c43880a5af124a25783636941c3506fc7184ba1ee1958fe7984b775b99bb7f07d204fc4acbcf5cb07bd4546c6027c9bc12e3a6918b53f2fb2ecc7b4ae3e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e274e8405561532aba79020bb092d753

    SHA1

    cd3fb94544b00ece8425aa3255216bc8e227cf4c

    SHA256

    02b5749427de52c70cc447bd057aec4590d95bd1f7137189bc2419a48e7c78a0

    SHA512

    ce99898c328d80b53bcd98a08e4b39a8287014b5864771609a71eebb62d7f2542137f554d46692b29a384604c5f9d99262957b6dfc1518bf610348c65614f65d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e75f4a34fffd946589b37667d85ec6c

    SHA1

    c3934fbb926507fabd918b317f9b3a1fc14d474f

    SHA256

    89d9ea2249d53a01a158036aa2dede8bef75a3e9d3c7324d1a858929ca3bb0ae

    SHA512

    8af31cd58fb8bb23c7bba5cbb94046f77659bc9c5298c9c45e26ce651a9e55ad97bb0f141f9eb245f61a30fdb9b5fc49d48403c6f2eda9ba96b0f6ed52f8c9e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7598885e9b1efcc907a9f48ebc093712

    SHA1

    08b847136c5ae2af422f315dde91b9fba1372f79

    SHA256

    065ccdf5f445286e4150582c53262c5cd1dd9fe87c73d3f166c8bb2bb8e87f65

    SHA512

    3299959a89e56e24c8478bec592d2d581bc343bc335533df35443be82f95190ce94bcf54cfa6c870ac5fec18831cae2441581ab867b67b6b63d4e2de920d227d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b93457890c88b24b10a23e645dc4ad8a

    SHA1

    fd59b2c9efae908b75e5565646d896b36dd7a3f1

    SHA256

    e7b0b3cab8c33c3cbed4632b13b502b27b4d416e908e0a40c82714644d2c686e

    SHA512

    7ea722557dff9bc7960830a0d5ad7f32f509b356f8eb8019cd8bc5c80126deb8e3d2042da51559e556956f4d2112ccc9e98232c956fea1fe930344333385503d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f7b7b016d7c628587a9543bcc174eeb1

    SHA1

    cc20e83d98719fb93f964ff339fb720dc114135b

    SHA256

    76c3dc79cd79a5b8b61a79b174240e010b929d859a4a2b94b05b9ae71641c280

    SHA512

    bf243c01ca65e8e8cc61e0dc49195da03c7e5f99015b2629d95b9fa8453bdb561ef72d10a617d8504d3a32728842b7c523ddf593d41b2eb8f4793ff5e2f7c96d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dcd764832d831ad5651f14eae7899b38

    SHA1

    03ef411722e357629ad0e73e7217f659a6b1ec1a

    SHA256

    920bbdc4ef392df35f6cc73599950f907cfe91710b78bccddd2ad94dc90c4152

    SHA512

    5f3182c881a2af1073c092251b1e7eb2fc86a951e69d498d79d755dd9996dc098e3f843b812e3bc5788ec70864b74c1e8afb5e1d93c4cc83d19d0576ac169b7d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c73068f46555d40732de39791af9638e

    SHA1

    73a97236d8d3984c7e837b2618318b06e3f8d95d

    SHA256

    17980914fa969395a338a620d6973cc982990ee295232cb04b57bc71ef3faf27

    SHA512

    21d0a49f74b522d215671326d52d55fed404278b5225b7d1e10515863742a06cc8fa592cd3152dcc96bbb11cb1e9859e91619465f5c3da2db877d74dee29af50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    74973835a64e9f80a317fd75c3737995

    SHA1

    0fd90a24da56aca1da4b2eee6da93ad458c5d908

    SHA256

    7e6721a69f5ce318b98af8dce6bd87da0249a1e6cdb5eb6ced4788bacfba0257

    SHA512

    9409045772a54f07a2bbb0cc95e5740ea51a053beca565ad14f86a34aef553e43e322774c1a9b73593a6ce7dea99d13164d6c6048667c1dc5d913e3a8667ddff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    17adad8f4e2e44e59cc8b5da5da639f0

    SHA1

    5c4bd9f08b5a7be8a6ba285de0e97f3d8fd58432

    SHA256

    599ee7c04f2fa82db0c8af1d982e0b29fd00e1d583fcea74681f8b4e628de626

    SHA512

    8d160348e8ea541689bb7b002cb7e7aa2fe1f711efa704bce14ccbf1027ce2b6843dd799309eef531aa78d2fa5a4e5a170b67774236f199a733bf5518bc08dd9

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\40WV1DY9\style[1].htm
    Filesize

    706B

    MD5

    67f3a5933c17b3ab044826d3927d0ba9

    SHA1

    5957076d09bacaa6db8ddc832b4fd87ed8f05f8a

    SHA256

    97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64

    SHA512

    03ba224055ffdbf32b7eea30c764dc18d66cc6d8707dc5fafab74e155b0bb3d4d691c5788b033a68f05299547297125122778fa7e3252f93e7343d918936643e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE5AF.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE621.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit