Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d6db9f8f91...8.html

windows7-x64

3

d6db9f8f91...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09/09/2024, 18:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d6db9f8f91e13e3f4c0f3d4ddcb98c41_JaffaCakes118.html

  • Size

    4KB

  • MD5

    d6db9f8f91e13e3f4c0f3d4ddcb98c41

  • SHA1

    a62347ea6ca513333060eb740f2ad4ec4711ddaf

  • SHA256

    88e16f1aeb78a6d4a5ba72b56d4593ade216ff5663e4f064f59626e169a945e3

  • SHA512

    71fa661254a56b3a7506276033987c083878d677436f72572c33af989b0fe81f2c59d9379ded4bf367b8d444730cfe1b52d15285853d947e7d74553b5773eb68

  • SSDEEP

    96:Pk7yJozTGknaEFHVKDZTBJl7sNjtXATIQFMA5e3fhrvDJUgwa71D5iJ8ohyd:Pk7yY1aEFHVKtF37sNjtXATIQFM93pDZ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d6db9f8f91e13e3f4c0f3d4ddcb98c41_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1032
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1032 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2052

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b37e4295356b1481059b055139594fa7

    SHA1

    383c88eb75aca182b01f0acb5d30ea5f02f786d1

    SHA256

    9e9ece302554a59085ae59a63967892cde0997b790fc72ebd952b3539ea3cfea

    SHA512

    3e1853b2ab57f8d286272b2619189e7922d45c4b4ccfd9b895ec171dcad89117daa3857ae614ca9da4a29a79f3c920a469ca9e2f328d70cb850c5ba7625f4619

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2da508adfd3e84ecfc0c19428796ca4c

    SHA1

    55289d80ac5429b7a3ae679ad0f9242be3cae056

    SHA256

    003379ed26ae6e02697c24cbb7fd27ea62aa4e5fa7718284dfa7b9b38a7be7fe

    SHA512

    39d9cac16e9679f4a5f647f9c8fc5da5e92a1f39f9bc74c023b67bae50f57fbdee3a6f2a3bf4848f6eba24bed01b0aa41e5cff77d731c3360cd0161ef564d17b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eeba41c78379e54807c1cb928749d73e

    SHA1

    ad7fd8a3af9d364e3a5608f5270bde40fb496491

    SHA256

    efe77d1e580292b7014308f39299e6a3419cf395ef54373e39cb7db76a284b1c

    SHA512

    56529e1b62264db653856231785f90370c284465c64b8e4182333445b2014a7df31e5203d68e7c8e9e69bbf9ca7326949cf73ca77594071f2ab8cd3e21868a61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2610c85c2715522a93ce2bbdb9c5c2ec

    SHA1

    bf81536123f2c98592b180bf5d6a7732242a67df

    SHA256

    ccb2fea8b686a490b5adf4c679bc8e5b08972efbeff180c0c10e7c0b3a163100

    SHA512

    51586562a3062daa9d0bbde07fb005942c244b3352ea26d284c09e14397ad28d3c1e85232aebef6b39e89c8863fb6400becdf27a4f3697edefa04d5bf023d865

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    22aa21c06d0ef8ea6bfddae493ba24b5

    SHA1

    e49fa6a49295c9c447409cd7367b078231bad5d8

    SHA256

    35ea7d1d72fa5eb4a5a5b0f581718a1b505af6203acbc7bb4780ad24f851d07a

    SHA512

    d060787069b35ef1fd782f2c2c2163cbbeff8add10666a6f2311cb345292218b7f24462f8c1d631070b591a6ee614de037a1fd0dd578c188e20469a29bf95d86

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    71dc49782e255dc64b498670786bd60e

    SHA1

    2a30b004f3de02cbd4eb9d28d86f2bbcf3a2ddcf

    SHA256

    21e4195271c05da49d44cf425773dc0252d33816d4a290f2ca0c202a73c82375

    SHA512

    469716ffae65af48f198cd00639360854ec32a73c041245c49e47e55ffb2d544390997f3f7264a2a06d8866513c0ee4b0935b2d678bc15a44ed2c8c789c4c4fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c492d22d078563243d51cb72c141b172

    SHA1

    bfeaa0427b7da9db93697cee74e46af6e19b441e

    SHA256

    9dc8652794fb82cd664ede2e072cb501fa681b516705a404a54360c98c23b114

    SHA512

    edcaca82537366200e9d4f985cca6f606370361752709361d0975849227b6761772a71c9e7e3bc622af9055a4a1fff5767028bc64ca3c6d5dfc25170e659e6f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a74eafed8e5790b72f328ab51d050be

    SHA1

    e68f16b5f2fcf5b10db93e7909ac49c168d8d37f

    SHA256

    fa196110bb5e614dba45768e4cd3f9af8a54714437dfb8d9d5368ca22e046d02

    SHA512

    c5528427ea9683cd0cc6b6bbd60fa857b0ba4c942afc3610f675b422d69bf9dd7f56850864261069f260334bc9aecd96062b04b2b895b5b94a4f8791b2a34f73

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    066718e6d0b1a5600432966c4698f967

    SHA1

    038a60e4cdbdcb7a8ac94319200df21b469357f6

    SHA256

    ed1af4d475f266741080853bf6795a9c505ba30ad2f9c4895e5588256229a90a

    SHA512

    eea3f832630fd82a657a1c903445e48d5ee4ac00f64cfee33ea58d4293b1a86e91dd26e68a4bd3972c135f30e378547b6004f9285250a10e5354e3ba5214d251

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ae4aed89c4aa87a52061718508860d17

    SHA1

    e49d2e7fa375becacdfe8260e7487ffc0b06cf7c

    SHA256

    ed5dfd5258981adf3cee5d125219af8e6f81ad02001c9604aaff396f4b2ca6fa

    SHA512

    4ab07eafae23dcd84497876e2efe1a6e4c684b7487c5bf411a7f606684f5fd20799ec036019acab6207478cd37727388ba67066137b328f87062de882ec270ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    96a01d4cb806e8376ca83eb8f03a551a

    SHA1

    6979d2ed971c078a95c126daceddd1e6c97b02bc

    SHA256

    78484466e737db02858fdb2ca37dfaa871a821ecacce1b1841478437cc6fb495

    SHA512

    1d023eeb3704e63e32e25fe6264e6814c5cf7a180549337b2100995a5183f45d72ccf4a9d6587a170e892e9fbb35abe1fbb3cdbb30773d04d71f450aa43357e3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA2A7.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA319.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit