Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d622ba52ac...8.html

windows7-x64

3

d622ba52ac...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    132s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09/09/2024, 10:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d622ba52ac19aa619c6bfd83f5a93170_JaffaCakes118.html

  • Size

    142KB

  • MD5

    d622ba52ac19aa619c6bfd83f5a93170

  • SHA1

    f6a6be5be821cb43fdf03adfaaf9cd8776222844

  • SHA256

    7b6262fa066a67b01644cafe4e795bc13b92f71cc949a4a64794ceb53cf2af37

  • SHA512

    5a054ea4acbdd2a640416a3e6d2360715ca1071d6c4224b176065b7507f10850ad95f52b955f4de861a2f17bb53de678a6fbdbf78cf42a367a92ed2e34afc3f0

  • SSDEEP

    3072:SDIHiFx7dyfkMY+BES09JXAnyrZalI+YQ:SDICFx7osMYod+X3oI+YQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d622ba52ac19aa619c6bfd83f5a93170_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2012
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2012 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2692

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    73c9a97c31d535b149fa547352cc7153

    SHA1

    a4b92d9dbbf9622488129bcc4dfe4550fe1b0e9e

    SHA256

    2076656adde55520ded44f615fd628bce55d09cbaef49493462793495fbb0d77

    SHA512

    b2e56032e40f684b72e3f160b44bbd9a3beaba0a23b1dbe87d2d8dabad744ffe8938c0270481f4543419c8ded71ac267c9db69e76cb977b882c7044094c95482

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ff854285ff3b1e85d1206f98bd520da6

    SHA1

    bd8940a7e408c19d93746baab40428d0685e7515

    SHA256

    0a627bf6673e769de803ddbf8eeba14baa8426c47e59db359ef615e273764a0c

    SHA512

    f41e81bb8139e14110c3b57d23704a981c49a702b00742ea1399773acb45bd4c2b9d1a543a39af6cf6fd89dcce5acdeb0fd4fbfc26cae169da2d2bbacfe9c47f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dca0a439a6770c5b287222e3b86e3def

    SHA1

    f17363ced77f9f5affbcb81f8f632188d1b9a1c4

    SHA256

    0cc8685bf0fd6a80cd5cf088e06d11b555470e3801b2e333463f76b5516d1e15

    SHA512

    8e367e013f80b1922c1d09b2d0bb1709ff11e425e40d2c2fe9648c2c0c1797fee69a5b5032a05799576a13e122926d31b3ad6f18dca16970766f16f17c07bb9d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    92c62b4b90e60f2e01967f79e4f70dba

    SHA1

    deade5f0b6d6b96cfaae99695c79a7a1703bf4e8

    SHA256

    d17e9b1e9584446c0a7bbd4a79abc41e2cdf3111387f7e28e55a09bc9117f306

    SHA512

    7c402817e6c4b769b649dc3466a14b3be673d994512d1312e05a3ff38c562f02d55321c2ddb0b0b4e486ef45950f4268df664698c9222e4138a2068a74a8bccd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8322bd5b25598253e0b47bf2e103231e

    SHA1

    b92fd449a2a7537b43087d5b89e4a32cd2e8a2d2

    SHA256

    d5cf6c68dd4d2406a096624fca1f22c85da75f44c061bc794dd6ae1511845ff4

    SHA512

    1204bb684614af2c0a1f7763eb79bfcdd1c34d07e9ae4717011b6fbd9b30c61f6f5e7e2a116ef06f2d0cf69e57d7bc51626484d13e7af6e2e9ae810cff0270bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    374d2f3d0534c466e84658583b37553e

    SHA1

    3e465862db4e78c12fc217d9bb5b68989f3a92ce

    SHA256

    8767b374a81f0e5f02da7108504e33d7b96f33f4df474034d4ccbe8c65a0c087

    SHA512

    7f27fa048af352f556d6c28e181416e7a81fa9b7878044b459713fc98b6258a4cc872d1e97aec34ff68abb22ade03ee434b24d1ab3fca037e64f19a7ad8348ef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6bc74c880593c2280463c799b104ea26

    SHA1

    e92acc10e69973e9f89ec2fb0d9520e5d5452341

    SHA256

    d3ce37ec47898890a18c853f48cf45f40dc348a8b619716ea2ad8decb54a5be2

    SHA512

    af4c1ac53c48ae82a4dc29459e27a24f1215e0ab3fd7e54d61f21ea6b53d75da13bd303b5f7162f83f9cc8402c7e45e3c7c37c71e8c2c21dd730d1f7a41ad638

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a5cbe42663e5859efded526f366715d9

    SHA1

    d4b17a394759e913c4a67ea154853c13ff4180c9

    SHA256

    c0004ea653e9b75cfd7cb176212fd8d18d23b4528c062faa8ac82ee9cf41e214

    SHA512

    0251342afdca8d13b936849b900b82c4a38426dd6cdc4b13a09fcbea115ee01ce4a8b474e4e98661fbebce367c939e09b858a6bbeb386e1d780cb40e3ffcc235

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f222b4991ee3fe9f447df04e9003de3

    SHA1

    1d8e83d95c30b96e1018b8e6e28ff6c485d4fd58

    SHA256

    cb782d7cafea425c136fe470bfb77387efeeea7dcf9c9e0bbe5b07f3c7930047

    SHA512

    9faf33607feef40752502f2ba9c0994083f788bcfd58a1db851489a4fc528f1c5db92fdcd5d50f1ee627d497f0fb70bab78c676eb7b4c428e64ebfbb8252b3a6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAA07.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAAB6.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit