Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d6f50ab6be...8.html

windows7-x64

3

d6f50ab6be...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09/09/2024, 19:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d6f50ab6be8b9d4a5e4e5d352eb689fa_JaffaCakes118.html

  • Size

    28KB

  • MD5

    d6f50ab6be8b9d4a5e4e5d352eb689fa

  • SHA1

    98b4db91c02c8a75f11ff68994eb9798aae4ea33

  • SHA256

    4634ec7047c208f86fde8874082ad0644fa71d664c215c00ebd0eae754d985f9

  • SHA512

    9e7c3f22d9636828b8f57ee5423cdf1c11e7b28042ebd6f8681c72527cc6e442a65f1a39ac4602a3247dd1a46b9781acbbbdb694fa354324ef554f5f6f9e6795

  • SSDEEP

    192:uwEkFkLkmk3GkZkekskbb5nFkp9kWCkpkrkEwk/klkmkekrkfk3krnQjxn5Q/Af0:QQ/uQfkduHSRk

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d6f50ab6be8b9d4a5e4e5d352eb689fa_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1284
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1284 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:1292

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0e387b8b49589c4fdd59b7d49c77342e

    SHA1

    2a12dcd58144c5f9761054cf2bd9741401e5643a

    SHA256

    5a976ce54d047dd093ac9206f0ea63b0a72b821a83e3e0c4875200e33351d54f

    SHA512

    cd8df1294cb8c5d7d37fd1337670b907909d1684456e23866699fc161d8af5d68c784c03dca21db55cba1538df1560f205c14f3a4c111c47d0f978261482586d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ab226471d3e8f29f0e1e34c4ad5df05

    SHA1

    61bdfaa1e491ab48f42aacbabaab140768073109

    SHA256

    5edfa35c43c09db45185bd1b45282ad260c5d7516446c5f9d91019baabbb6b5b

    SHA512

    a1c07ce89a0049d3b2c5aec6157dbcbfd1d001e0d567b3cb9da63539879eaa8a13fa72f43bbd7e3a8705f2817a37597191b06cd651eb17e6577b5932b013a2c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    70d76e10e3adfd247374331651a55077

    SHA1

    79e0f20b7dac068850c55b70d5fe2c58665da60a

    SHA256

    569a24696e3d3e832c615c920459ebb4fd3faa35da0fa8a4e696f13c987ce871

    SHA512

    f8dc905e7a3fc56993252434458427961238541e670851a250337b3e9fefc7680d15f07d29ccfe2f259290b80cbd7102a8b42e8d2d0dcef50be0031f939bf59b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7d84a314d6a61cb9f0aea883cc58cbea

    SHA1

    81dcbed670453103ee3671f0b2e2ede73d685147

    SHA256

    75218f7c32124a1aa249a88c92d1dc499b9b38cf5a22081873bfdb3f418e8b41

    SHA512

    aaf6d76829ea9ab62ac0dec4e528c70f73e9823ca0b3a8bafcf45e23e805167d403f98d05799b8c4e2543d990beccd0d300e24d61899fc6596dd508acb97573f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ca0cbef585a7ef253fc66e0cbfd0ec3

    SHA1

    bd04c81a7552566a6c01c28932b6d2dcab75a566

    SHA256

    2f1b80249e4c28434404bae7e178b30bbb34246c0ab3e783bf8498858a9d9a61

    SHA512

    ae8838b9971f94de7a222e360ad851a634e4abd12728acc810da5fbae10b6690c14ac858caba95a88a2e5e83ab1b6fe005385ef6fd0da0fcc4b3dd56eb546dd0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ffa3ef054ffe630160714ab154803082

    SHA1

    de09587b536db6232dc8b2eceaa3c0fa14b804e4

    SHA256

    0125887569b69ee1feb3288c63db585ee632c4e8462ff54cbfc8f7915e61a73f

    SHA512

    457873bbab6bcfe4dcf13b895057f88580b7a0c495dab8d5be0a58174f960bb143603b3eb57fabdc9303a610623ad5d5c90b1b7557fd302405fb9b0cf55ecdab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c6b9bbdad82a4ee5ef109b7323665676

    SHA1

    13b88eef3cb0c803856297a1798a68a8139780a4

    SHA256

    379d0e0a7abb99879b43fa09e36a719f751a9dabc67a71f6cb63ace4f186bc69

    SHA512

    347f815463045f544682277bf64d2247669ff610570025d4d82b0441ab0455dd9fd1029dee694bf2794006a457fe3c9dcd1de887b80b601aa143676e6881b144

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    42cbeac876f4509b0947d99863c587dd

    SHA1

    6cc4d14a9195af1a3048969e862777d89e4b65aa

    SHA256

    f860014f7208a2dd44f034845dd24b49a65ab06d82bddfa3a7cdab2a63d3e490

    SHA512

    b72489cfdfa1a6fda3c07f09366339db6dec3a824012b2bb6b8d16db79f6a824e4f90bdb55e7623ebaaad2199374d9ee40c5f54fd0e9e469a556577f9ac60034

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    56a47c829d72302b38f2f7ff94e8a0aa

    SHA1

    b422204a820f89d9e5b76a3b90f018c5b2b0fa36

    SHA256

    29ea7bbc12768703871aa86abd900795b8cc53b0d0baf9142f1fba09f6122b94

    SHA512

    88fa6dc4c4169b0b1cf23c28277382345d953e7198e0af2e8738112c30457405cf1daf67b4e47cd01b23fe6aea481f12519ee62b0d7427d68142eddecc777016

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a5b6d18b4ed27e7ba911056339b692a4

    SHA1

    7f05a9e32ccf1c6573beeca72d834506c90cd5c0

    SHA256

    694ff736b3da2110a073f046e995aabfa306cf3f69608862e7bfaf64aea8fc9d

    SHA512

    a018d5a2ce31f6cb330ced565dfceee57c4b995955fe5800e20b0a90fcff49583c31ba41263d619740a8e0a4b75150207511ca1625d1b7f54b1246e2a5b22f50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2a3055e75de30d90bb9ec5ebeacd7dd5

    SHA1

    d6139818ed2afa139c21617d4cf103939037ba3f

    SHA256

    4d80d61e7e27613d19044a07a752953363dc4d5156675423e7f7872b954bfea8

    SHA512

    f6b51c256e728dad1ffe5b0df6ed4f06ec1f0343481be605d82d1b205dccec47b77ed90300321b5e7137360eeb737ee169ec7a987be12e8b34d1c2592ca38fb9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ffbd3eaf533b5749ea7a401558b3c719

    SHA1

    aa98211f46095fdc8803be382af34d65c55061d7

    SHA256

    2996672da383bb3261b851f6ef820299cd05b110abd39470e6c162d083943017

    SHA512

    f6eb559cc79987b5e8592e3d84bdef22f8e1ea81d25d5db4449e7403f881e35a8b7f8c672a9c0273b8ed26cb54bf1629d9cfe809d19a84faacbc6f7f34eb7db8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7f3e4d0e458ba3144c1e51239527cbdc

    SHA1

    95ceb8ffd5b3d8ad165af4d777f5ed8f0d08ae5f

    SHA256

    5bcdf0120bc17e4e162e9ba541662b94141f04255b93ae50f4d93b589ae5a6e8

    SHA512

    c97f51cdf52a3571bbd6a523330f8cb36f944a219095a6b0f5f6405f7ea95434ae89ee0de4027f37f54dd94ccc8c205a32974df68b5ef7a311b5e388cd8d0804

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aeb8d02d8d6beef770c16d20fee8150d

    SHA1

    e07c06e7033b7ac5f3a359178710dc5ef6537f91

    SHA256

    e27cfcc3c44f3b5bd6eac4e3c87219d207a6ccab704c857b5f5c2803efe0fb6c

    SHA512

    a0a210d89328856e9d266de5ab659e47aacdd6e26a5ffa4052d4ecd16f17f699e3eebfdd61cfe111aaeadaa7f9c63d82b80b114103256a0bfd9d989ae2ae0bff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ce2d94678bede7e9570cb5df35d8e023

    SHA1

    da73652b99817818aa444224d2995e46aa24b8d3

    SHA256

    893f3913a41c86c86260951abad2b99be2e6cbea71b985dd9a01d8c56bfad910

    SHA512

    7c96acd2b18b29aefec4f0083109fb16e08b9c34d068d706d08aaee31a46c011b6943c7718f5643901728ed67296ef9f208bd984dba768392409bc8e585f09db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f3c23ff8b0264d62223238863b7266de

    SHA1

    82d33bd03640dafdc8d820924e2c0884a2784831

    SHA256

    acb259c38bc38d87c4f160e7ae3c19518e0077523885c42d1b3fa5c30ee5efe4

    SHA512

    8faa6caa21eb5222e0ec9b55610b1145f8d3029d34900b84b7eca35bda9e5c203d1d932431e28e6edbfd44c0fc98ed3c5cb1fc57b4c919d4aec085426a579ffa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6f224ad4d467294ac3ba08072ca8e922

    SHA1

    0266923cdc003667fc134d7348723e0958d2f071

    SHA256

    57263f1c033bd666aec7cec17840831956c4547b949daf25201fdc6eca9cb93c

    SHA512

    70f38fddb7dc46192fdbaf11514a09e9ad5125a8d1b919f74392c72b8028074d242c0502764fee1f57ba3261344262535bcde7ea5e8fbdec9621af3b747e3b35

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9B2A.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9B8A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit