Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

dacb869763...8.html

windows7-x64

3

dacb869763...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    126s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    11/09/2024, 16:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dacb869763288a71afba68c8b3ef8cbe_JaffaCakes118.html

  • Size

    28KB

  • MD5

    dacb869763288a71afba68c8b3ef8cbe

  • SHA1

    955b019a3e01acd3a06de933b01c408734b6cd34

  • SHA256

    134a4f29a843231be03e39afe9fb0b052725bc87f8bef4cf4d5c1ec2e768c73c

  • SHA512

    ac8ac6bd522a6cae3d17f3cfc2701c12fedaa6c449631ff7915865eb2d9804eed6f8ad7359297996eb0f9cdcad1df3d1959e1326df16e3a776c39dae34e02fd9

  • SSDEEP

    192:uwjsb5n+hAOnQjxn5Q/onQieLNn2nQOkEntQCnQTbn9nQ9erXm6NvfSo5Ql7MBrq:2Q/YGJBfSdSZ8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\dacb869763288a71afba68c8b3ef8cbe_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2676
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2676 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2816

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9c1790ca05b52e8738412c122fdbf041

    SHA1

    f8e45d32a90236b20c327674c50bae7a9e67ecab

    SHA256

    cc47aaa127e366a1dd6e1c86e365644425b015cf7731e1f386aaaa867b044671

    SHA512

    a25ebc8d4f093ae47f2a4a747208e70c05ceba8aba3e8a09414d4aeb75bf547ea39bb24642eabfc7dc92d3eed54a5295fbf842d4e5a7eb248688f480f10ed910

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    21741ba8c7c0d38738c37b90000f01b2

    SHA1

    1f76dc5a803a25fb84ec87af2093cd3de105058c

    SHA256

    c78bb1ca54b7fa1c33e3c60344da334a335fdba4eecebe65e52aa652d6567121

    SHA512

    1c1ae354ffd9475c58bef5691305cc32caf786c1a4fea9470aa7176df48b7a834f543d8b1297a38bec799b1faf893874d1454fd116826dbe2742d2199b921822

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c17feb355c45ffbe0cd7ceb4e8ebf38

    SHA1

    5f87f8166e907add981e05e2c581180b81aba84c

    SHA256

    bfcc4fd45850ed142cd40b4792c8ef389dd706f7f2f9f688f2c91afef3297421

    SHA512

    c4c982eff8228b53ba5e14a09ea761816b968439e1a325990bef2d2f1e06c642e849d3922731830aff548545f0c07c81012f862420ac11ade2c9718eca9862bf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    597cd5a5a6fe5308b665008d27306ac9

    SHA1

    283a797b6135f6e2f6d71a8800724e914fa99599

    SHA256

    9d7cf63f719bac37b7d499516e6e978d42fe1f39903d90c35e63efed936980ea

    SHA512

    5786cae9752292dc41518de8d2e7cc12993b71c9e2b5e1cb29f664e68a79636b0ecf931fdcf530b6f7ca41fef7f9149114944933d15693cd886e11e66d729842

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa633acbab2dfb1b14622a707877f899

    SHA1

    153638cfc8c9d72f8a074fdd426991d017c9893f

    SHA256

    de2d3882348d0176d30cf0e525d39a0da6a25229edd9789a930bb532c4271442

    SHA512

    e780a20c25cfddd8db73544dd02ade77459b1cc1eeb6d0fe73be2762bf4ebf749ee1635daca721c94957b2f589631540d7fc03d801833b4003427f9f6b9af97f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e50492d23efaf426bb7fa0b3f9cfa5d3

    SHA1

    19ba8d1ef50ff9fd0e4d21ac65c2cc499d72392e

    SHA256

    46f2631e91c10adb36a04f133e2026e0ac2ef040ab169dfe05aa1a309b200a95

    SHA512

    2a35e0a11849209173dbac0faad19e2733b178da879147bda5e82b9faf981425486abba505e96a826f7c9fa29e3bff097e8c9e804c742f5d0a627dd249adcb53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e03b5e2cfc0c9f3b2b68abeac505a58

    SHA1

    93d91ee46af84f97c0b4d3884843bf6ce59adf98

    SHA256

    7bcf3fb103af7d27f7f5579ec7593cb5201c39e20187cdd108cb5a16542b3e92

    SHA512

    acefb32aba22e66af75e1b05e590bcd09967cfb4431a8ec8336bc8380fc233671154e683fb9633320bc0402f903bccb9e7bd0e97ee0c742edb62a2483ef5bd86

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2df9e222b399854cc66ade49c4a4f887

    SHA1

    23c90537f5ed41d32a71e33c548873ee96ea5223

    SHA256

    423b8193b6a7c1734450f6f46d5018149f40638a58908c0ef85e7070dd85f9c3

    SHA512

    3dbedd5385d67d7c93f121a338e9f5821b9b18306d6a462ac77c4f8e6d8cbdb287b3d3145b2dd72bfb1aa9402abe4ed9c998d0455ca4f32ad27d742674e12f92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b9b228cc99f844626e292e6aa580af37

    SHA1

    e3d534e2ea399d0b5ac4afdbddd3d9522b470b1c

    SHA256

    0e86956300c5a9437c11076072bbf48f4da5a83fb54074c1e43336e12b5dfc85

    SHA512

    df69ec438c5c1d060ccec009cedb744e48a21ff329a27bfa067f833c9c03f5d814e9176d5129411c3e55ab1bd165b12d37e3ef673c899a21f942df27fb51da66

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b218a3954caaaa8dd636c375604d0136

    SHA1

    c9e92f0232d7a68708b3a53c2d2d383e43e1e5b7

    SHA256

    8ddec7a3d47d2fcc047f5a09743e53f3bf237bdf298cd0128e53d910b785baac

    SHA512

    4a2dabed91b5f993ac59c13f333de38ee48aca7eb87bad4e7c38f1786b5ce3fe61307b99a5cfed6203c2ce3d5276e54bffe6be6d865b349df23492ce768ef0fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c66c397a38553fcf03e000fc19e0bcbb

    SHA1

    705aee07545e892672c8fdfc0732fdeebbe85f2e

    SHA256

    239d1226422c81f718a638cb11b5eff1ff3ed32ffb066197e2dba255ebdab9f9

    SHA512

    a04e3934ecb69a8e597689b7b6f9ed976225017ca9401e72a5d58aa61fef68eff37268fe6d725db32242b6492cdba3e79570b7399788aaac8cdd17badfe9550c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3382.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar33F2.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit