Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d6cb18ac08...8.html

windows7-x64

3

d6cb18ac08...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    148s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09/09/2024, 17:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d6cb18ac0894adc0af06d9d0ee104c67_JaffaCakes118.html

  • Size

    18KB

  • MD5

    d6cb18ac0894adc0af06d9d0ee104c67

  • SHA1

    ac25049cb18665777184c087f722fbe112f3ea40

  • SHA256

    8418800b953555fdd323a5be5d23825b0654c49e9f6ccf33bf74f14908c2716e

  • SHA512

    37f01b629ec857142eb4b9e5813d40f6191f31eedbef55f4366a5b7fa9b856e3d056c50c0bad47d5d7f6b1665a018b952ff544d34ba00bc017f0617d9c4b24e7

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAoj49zUnjBhXZ82qDB8:SIMd0I5nvHDsvXyxDB8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d6cb18ac0894adc0af06d9d0ee104c67_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2344
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2344 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1708

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    67c7dfb047b686f00c498c8fc5bef83e

    SHA1

    ccafc2f15b2d14babf5692df111783bf7c074e63

    SHA256

    90906bb52707aeb210cd55e2fe35b32c8f0b67a88ca488e7e70e7e07620cfd68

    SHA512

    0da97575c4206d8a3d09f69c745bb1cd5664291afd5a8d843f28fe1a3dcd92edf8a639768beb0c0414b5e99ee916533e4c330efb93e3f2526c360ddcabd32cde

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    75d3b5bb176cad3aa51a83566aaa0ecb

    SHA1

    cf6a23933e0c25cb6acbe2e7e978bb11d9ea76b7

    SHA256

    b6830f53fa5ba815096e9208f85ea993295a72ed5468da34ee2331492bffc576

    SHA512

    e5f45eaa3e8e5ea54bda84b68188886520ccd37eed84283b150a0932a25d676a735dd1c24fd32b86b4cdbdba94068c01ab3a65d2f5f74a5572ff89db12ca85bf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    94f83670d8c6e8b694ea40f6555edec5

    SHA1

    e961ae552e382e066975fc67fdcb31875c84c479

    SHA256

    ebcb51238439b7534e2436169a02e78fc6af284e70b050a8842f3534b4d69d2f

    SHA512

    5bc780badcc1be85e9eeaa0635e09f9e880b40b1ff60bd4b4a474806a3e6ff6bc4811a0703790e1d57de5191d073387c4dbf0559ca117d699d1eb1f1344124f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e7da6d5c9c35fc6eb0b1ea7b7dace44a

    SHA1

    8f5ce1391dffae5f5c7a5daa9c0229e9da139d8b

    SHA256

    e324fdc7f25e34340a409d90a1dc8c1c43a3dcdf6fecc846631692f83b354f76

    SHA512

    e9813df7c3f4a790d679fe1d999fd3a9e73cf6602b9ba5d838f4a322c4b0c9795288ef6709ac4fe9d34d349e59b75afd63cbf131d3c3d36137baead27c2351ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3f8750faa3fdc6cec943979dc95e448f

    SHA1

    043d759d00ab6c46b62a23c88356c05484902516

    SHA256

    ce05d6a498c759349d69d2bc0c6181d139d5d3fd91b9d5127ce4293c0dad32d0

    SHA512

    35936ec543d4b946ae3eae3eff5369e9e9503a212d5d5bb2752b005d35ede2302e12632482387e33fdd773610af62c4bd398c813a0bb630fbc4a284e3cc541b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a7ddfd2d05f07671bc309dbc6c5a590f

    SHA1

    330e23d83cabfa299efc49897a8c9e63b8383e98

    SHA256

    62028d44daea65a1336f50c3043f94fad5e98a3bd9444b1c58406c923287409c

    SHA512

    9c13225adaa94d6338198ce813c9d2c472dd611016e3252039c9241e7c58acfd9c971e545ff2a4d7749a8997e43c9f61d49ca468d5423db3154332386fdf7c9b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e7e8571096f6744f8dc27d76f0cc970

    SHA1

    c5c09c28cf4428288c05854c497f7a2b791ed8de

    SHA256

    699269de75ab7cfad00546800d177f832022a19dc359f547d8b7c300953a09d8

    SHA512

    103bab855959ef404ae6afa29bb9d0238fdc0a548c1dab10fcae4fca2e39ab785a0de78ce6124fecfbc4dbd5853fa2919431ec307b692997850364e8c2c7cca9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    737392a16a02888ce672626f5544effa

    SHA1

    83988f8fefe69e2ac03e8e4f115b6dd24adb986e

    SHA256

    747775e464f5eb6344de67cde3d8b7367588a2c4a00dfc57c7c1d7d256067b8a

    SHA512

    bd2b13098a6ec6ccc2de9d7deecc25f609cea721a190c17d1a1fad256edc540df4d6fbc349967bead0ad92dd7f4e2e9988ff02eb65a0334697217367271eeaef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f1a5930259229810d9528d0391d8e306

    SHA1

    8fe7dad0fc9b0a72447a95baa5654b16defdd122

    SHA256

    aa3e133a36d503103b07d1e239882dfb6c85acaa29d62375abf8d6ea02c02fd2

    SHA512

    9800b065930f3ba850731471335062744c8a9b94955f032d031dee500c8b1a9e87edb504e3ab3004e5f80bd37271b03967f6ce22a7276d116b99bad55870ab20

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab33E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar563.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit