Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

df06158af8...8.html

windows7-x64

3

df06158af8...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13/09/2024, 22:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    df06158af8b27329b8ae3e8400e1fb8d_JaffaCakes118.html

  • Size

    18KB

  • MD5

    df06158af8b27329b8ae3e8400e1fb8d

  • SHA1

    ad76ae5a6dfcbfe76ab942c712cdcb9b3b386ac5

  • SHA256

    7d7d9b4d6477495cf91ee673518ee8ed938eb36a490d4eb8b01c8bcacd2b8c44

  • SHA512

    181609882668cb0201ac66fdbd4bef80f65ff304fa8bbd511f859dae317c5bfbec5091e2f44f0ceb600b2820cc0461a7a83bcb7250ea3a1c0064c3293879e1ab

  • SSDEEP

    192:cwHPi7YSKRZKCmkBwnAlgIfjKPLWOCnDzRbKWf2bd:cwq7YSKRZKQwnAlbLKkDJff2B

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\df06158af8b27329b8ae3e8400e1fb8d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2380
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2380 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3020

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0ff3ccf71026e2c773862cad6c673d41

    SHA1

    e71f2b6de6cde3162785c87b6c51ee2964c12cb3

    SHA256

    1a7f0fa4bc367481058727503ca31166dd8f94ead2070c7086d032eadbc3e76c

    SHA512

    7ba00f9a199d7a7a443989e3d235fb91946ba3d3713150c4a0d130ec646a3624f54c9611265a418a3d9c185379fbf3bf83edde213b55a43ca2a78d11e68b5e94

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b5a21366479327bcfa7f1e6203a1e4a0

    SHA1

    4c19523824c05d616f1324dc8ca0bd5ac6647827

    SHA256

    7f25fe764b92bd726028c75937c29cd5eefe8def24c68cb8874b648976db8854

    SHA512

    13c286a85122796fdf824fc64c0b59ca72b8c4654322a38307993b9717af05e135e25b21d7490a0fe77fe7819edbe2db59274fc2d1c28f1556a7877361e6ad6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d6d9709bb713e6ff05f5d8dbaada80f5

    SHA1

    4ac3ffc235d7e659fdcef311a88c35f659257f13

    SHA256

    2a74c05bce6042d0512cd3955ce9e82f332f509d2f297bcfcfe21f741a943227

    SHA512

    c1dfd44df9dbe24cc5a5d9b0d573ef80c1644037d529e8e491ce9c1700a68d30695059e9ee71d20e780282b11d9c7645491a415ba72cae74b75604a4c45a130a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    39262d5023fc23359e4f74464a881e80

    SHA1

    09c2e49bec51750b94cf32c9f93b150f352c6ff2

    SHA256

    ecee4c781629a683973f65c6cc10273569dc7e473a86efef342ef6e4d523ee3d

    SHA512

    d9470cbb53063565c0e76b35367ad386b4875fe1cd722f3496968b9bc10b712aeb1dffa0ed30201a16aa0b7a15821f7828549ba035a2e987abfcda6b3d5f4f98

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b0926be54c9c957b00d8053a59ac9056

    SHA1

    ef470f74f7ebb5027f4c0a0c09a411842430ab37

    SHA256

    87ae931a8c56373d8e91ed56f0f739ad797c19dd390c479ed774df2fba66601f

    SHA512

    abc42ecf4c522ab565a72133102dac99c118f4f65c973da5a7009a79e1490cc153105539e2a7d9288464985887d01db2107da91501b9f91b2179f5d2204d0667

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    376795a85ecfa1cef68f7afdb8beba7c

    SHA1

    17f088b0634e7355008c10dc30489622c052be5d

    SHA256

    867fe09d96600bf17266e059e1ebe3ddb5e59691929eb5ed558429c13227cbcb

    SHA512

    369b1e578a2b200361f0da4fe7dc7bb94e6cff34327d80189a599e7494a3f537fde8ebd216bf20187ae72760824d959fd01d103c1775151170444e874f0ff50f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5bef6464d8d09bb59cfa89b5023e6d6e

    SHA1

    644e42704d633be59e1e629aecc6e9bff746f5ad

    SHA256

    4477ef9d39384ca10c421587af3b504e7408e8471162e89f4fe0444730f39041

    SHA512

    57f4a5ee7e4d2c6ad06fcb9596d962a7527bbd71d24f8cafb961d0e72070e8e67d7351e5c43f0b384f32f7ab178db7f7b9cc8b2e9c0eaba91ddedeb8ee791a38

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3fd3e8a2c0fef4cb4d4993c3f3637ed0

    SHA1

    75f296cf9a13da4dfb32e628dc3555bc1d79953b

    SHA256

    22829b90e0a293a0e0bc3ce6cd711e40902fc1b98f465ce6a82e0bc713c25e8a

    SHA512

    456ea2ff3b968e802e0fd993759a4f3a0e3bb2bd05f5ffeb377e3d27e1cfe047b8b4972d88167ae2055ec86e26b84f5496f47e9cd43b7c71c32b1a2d8ab80029

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bc4616d6448007b400229962259e95f6

    SHA1

    1eadc6ae027ee80a016372edc90affd75acf01ae

    SHA256

    a13ca04bfc7ab8cf76ede4a8a63e34af9ed8df790a23d76b0e4f0b9005d334d7

    SHA512

    45bd656b7052e4643531f64f66b4ba48095a37450802a578b1d971ec6a212548e956f3f10ff750bcf1d7b2288b719adab93dec8931507f1b88fbb31c678c250c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC3ED.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC3EE.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit