Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d56505f4c6...8.html

windows7-x64

3

d56505f4c6...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    131s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09/09/2024, 00:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d56505f4c617c78a58c20d849f3e1ec7_JaffaCakes118.html

  • Size

    19KB

  • MD5

    d56505f4c617c78a58c20d849f3e1ec7

  • SHA1

    59cf4c05ace57540fa4af0e8a21ff8c457e683d6

  • SHA256

    b9fc219097ba455b931b4465175ed00fe15c2b23d7139fb8c863d0a44d81ffec

  • SHA512

    d58ba3119cf73179b9079cdf2dba53e37781f261ac9ac97e59b2acd1af750e1faf659ccd3e8607dc79cb9bb717244bea170a980da6ddf5ad1bef9d83d7c87024

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAIW4CzUnjBhW482qDB8:SIMd0I5nvHRsvWLxDB8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d56505f4c617c78a58c20d849f3e1ec7_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1788
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1788 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2508

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e5ee3992efebe05135a38ff1b6514915

    SHA1

    ca7b2b026d3f1209da0c89a4efd5efae055d8973

    SHA256

    c5fea7c5ac474d8d900ea2c0495ed821069033db62eded0c6675ee6a72e23613

    SHA512

    9b2af8b7a2d042235a01904948026dc841e9e9eb882e7c245328cf2cc3c1d01e8d96a00a2b178c8b1cab194767a85df123c69b872d7ab6c989551230e75dba1d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    550880548f9ff41268eed4b8b465ec2c

    SHA1

    ba92eec626f041711d620d984a419fd98a7ff3b5

    SHA256

    663429355edf365bc25071c6cffc5ffb51bcff6ca8b3b7731774087ffda82988

    SHA512

    28aef2834f131e2fa6e1c59ff24bef7dda0800e970d72b7152f4407fb2db8d1a50880458e825e1af28cfb36a1722205e26843bd62b3e23ffb33fb4d76b157526

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    697ce074ffffa15ac574f9c9dfde2131

    SHA1

    ec30f27cf2a854027e092650ff4d7b38763f6576

    SHA256

    ec0dacc134b89af861918fc607d14abf9e06063385861f0c29a5fb4475ff253e

    SHA512

    7e8b82ae9e6f4a1543240d4e604fad23e5cef7d1b94d476e3039b62eabaad24e1c1c0ad49569384e7b9ef07d7cf3f618a35db5e31e7c7ebd010618d1fbeb92f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1a7db17caff7a0e43e2205b62c9a0cce

    SHA1

    49ef414e752e44aa93f9b8fcf8ee1129573166e9

    SHA256

    bd0df525e5a7e7fba30c985ac3424ff700755e206dc2ee41097cc856447bb63d

    SHA512

    7c44aab86907d6af033d86ea872ba664d22be487c582176f765eafa793da03ed3cb572d0f3aac26cd216863253fb030b53f9b2bbcd4d649cc1c8bd25ccfc1f29

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f8f5cc6e0d93c91ebc1613d244c0c9ed

    SHA1

    8907e4de93e8368cec4c6724a3b04b58a1590308

    SHA256

    426596d5578759abf7d39b023e8278dad535e5c588dc11f6d5016654fe12f731

    SHA512

    36e9418040007cbc303592742ce264ccb0425b2bc178f3fb4baedec1130b537fd6061554617e2b50b5253e5ae142e3434b64a5fb53e294fe290bd66708f21df8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b1d55feb48a2fca53680cfe491eca4df

    SHA1

    1dba23545dd5e5246414df05135ce9297eef576f

    SHA256

    a4a31fa7e788a8ebb98701d900956f62b891d3cc790938eb083165448ea45188

    SHA512

    4cb83389f7f852b13e5b8dc9f39783cb108b9c55d06d3e9ffca42fc411c7c34e170f653e3ddcedacd17beab3ae535634a0e63b5ba1a3e99ac45c42171a6ec981

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7aa9f4d29495f077123fedb0e7674d16

    SHA1

    a45601b6b6db56a377f2e820c0902c7b9cd5579c

    SHA256

    392c7f1d392931b36e278ca8d1c8008142decce4fb5ab42f5b62e198e1a248f6

    SHA512

    09b220bfd20be6926e996d1990597dfdafd9ef8c6a0912c6be4b32d42f63c5762881c37a2dc5edba1feb919b8c468ee043c5c034bef8e4461d925bb24f1b919f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5d740f440b7ede601442e17334b6690f

    SHA1

    f5959ad99d2cf5fa4744dd7b1b5089c6552f4ed7

    SHA256

    1cb190f194bf7320282d1c6950bb495c46123d91226e6445f2eacbebaef374e2

    SHA512

    7f01d88423992bf83862e16e6e9915c1f6a75cf0abd81a492850d2b79f2a4fb2957bca73fddc3c273f522738fdddcc1c0686949cfc6151924165c47c46ddcb08

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3eaeb526bb33948f9aeef713c9ee14bd

    SHA1

    9dee8d4f46b3af7ef2c4f539108d9f7f315b31ca

    SHA256

    5770d67fd0fec751ea7b454b6ff7ed1afb2a104ce9f1ee4739c62497b922f7fe

    SHA512

    9ba7a0484541bba48a78f5080cf9a89f1b5cf923ea9f83a1f37a3425b6e708801507b95eb8d30d82a78e14dd3a9999b0bbff97b39836fe5cc4afc2da9d867851

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA8BF.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA96E.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit