Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d67baeb896...8.html

windows7-x64

3

d67baeb896...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09/09/2024, 14:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d67baeb896ecefc4cd40fe3038e1c336_JaffaCakes118.html

  • Size

    34KB

  • MD5

    d67baeb896ecefc4cd40fe3038e1c336

  • SHA1

    c766ace429196080e147c46e99e3256d8724ea55

  • SHA256

    c72533d4190c2a784b1c8e59f31c05ce7f9f22d40e925f5f88d5ddbd49dc820f

  • SHA512

    74d07ee11f92d02a626960a3428b9b20e0c40de8b85771037ae1c59a40bdec458e3572a250982737abe805c5e866b5ed4e12e23633d2143648554872ccd33d98

  • SSDEEP

    384:S8cB2TS8uvu5BMHBMQPBMSBM0BMtBMDjbNTHXlv9i3KIZxRfdZr5/hgebpszZ+XR:S8c4uvqCHCQPCSC0CtCDjbgUKb+GKTw

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d67baeb896ecefc4cd40fe3038e1c336_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3052
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3052 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2696

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    40711dd8546382d42a682ed065428e97

    SHA1

    23730d4675fe505793c67b5e0f80b04485653acc

    SHA256

    a72e2a3468635ce51c16b615b4132cb32c6f6ddab906f948df9c4ded100c40f3

    SHA512

    684fd93a720c240b83bb7f5ca30bbed0f721566ec18ff6928b9ab233f9a1fd5699422e189fdd65ddb4bdd90f3ca471108c6bbe74908473f36a8ba25188eb6a44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f8aeb349629d1b8ed65a49b70c5c5da0

    SHA1

    a00a859afd570282e463005eb8c7271f432dc923

    SHA256

    911bfdc1238a67e64ca393c0a57ccb35eddcbced4a75912a68c267f04b4d235e

    SHA512

    9ec2169f906a2b6862296f6e4012540e606c047724207384e04e5ec8004c61cb6c1e550749cfc241c4e55d3ff2b761699ef8e1aad682b910a196872b4c44ab32

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d4aef636dda30ac7c0a1ffae2363d980

    SHA1

    d044f671e44f1e9fa92a09d0cc1addcc1ac7cf6e

    SHA256

    ac4bdf4c67fd03915e9690bb4fea677c81a969cd775688d5ec32481b66ce3077

    SHA512

    d81a8db88be1f75ada57c02607e54112277117edd6fea905db21677388751be60a2e13bd94248fc94fa48c2e6c06afc1d2843c2325f4c5c4cd6fae3a777b7fa5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    290008b0ef4077965d81c04b273da76a

    SHA1

    5f367fa63e50ae964596e955a48fc2c2c96923fe

    SHA256

    458501dba9fd7039d50dd0572df5cb7eec3f04226705c9d4ab2558ba5c5026b4

    SHA512

    1d4586c217634fc00629320f0186529a080e1aca9ca0d2b5fb89f37d36441bd8aac8b623a390e421158efff36b108453c3bb3ef5d03c181411ceb05954c4faf4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    76056b9744091eb68fec3fc1c12aed11

    SHA1

    fe07d51a6174c9b6e5a58a8d1210fa27c8eee5db

    SHA256

    2de6c8a8604a30fa0d8d41fca68c2c263a8e1ce1103970c87bf3edcd4f7c935e

    SHA512

    016867b067ec14b80b1464110daff56edcc00744056dd753a1cc797d8711cf8fc91f3afbc06a68404a8b5cf00fead18281745d12ee13b0258eeb078dacc947e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    96ab696485dbcd1554670105c0983684

    SHA1

    36d91fda6c0b8bdc7026b17f1fe20a23b80eca76

    SHA256

    b9ce6c3e04077c4d69040baa77792a192bdbe05887a34dcd71112da111e5acb7

    SHA512

    b0c78c00d053b0f47e5294b823bd4fd16a714a02ff3a13447649d3bdca94ceddc15de8b83fa62526521e3f2932d4bc3a9a4133ab9246785c08094e0198f421d7

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0I0VVMWQ\cb=gapi[3].js
    Filesize

    67KB

    MD5

    ed72d618fe48f6fc42c19a4b58511e72

    SHA1

    80a2da4af91d56ec81c7b672afaaaa72c83a4414

    SHA256

    5bfd37a756bc7772aa6c520102870dafe2d3b808c562412e30f122a7908f8ad0

    SHA512

    5378b71a33f67309f788b9fce32daea44051e7e9a6aa326bdd783456ee9eb2f4817aec2ad1e837afc1853acba59080b0114d32c040ea731ebd703f0a84dd7ae1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7E27.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar829D.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit