Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

ddf0d938ea...8.html

windows7-x64

3

ddf0d938ea...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    13/09/2024, 07:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ddf0d938ea67928f2620c587896f370d_JaffaCakes118.html

  • Size

    152KB

  • MD5

    ddf0d938ea67928f2620c587896f370d

  • SHA1

    26ae39b41ccdbf316546abcdcc34b4c71fdf22e5

  • SHA256

    c9c0594e95eaf746d4f959acdc09d545a204a46030f711fcb8d5aa1c847450fa

  • SHA512

    736b3f021e63928432c93933b051d95e74fd227cb1524ccaeebabfc6ce07c1abdd75211073f2d9f40bd49432dcc5a7c23384943f5677fa97fd2b47ef5b38c785

  • SSDEEP

    1536:SLfdPs4pbdQHKHEPUeSaohKr9giEdehKtqxfI9hn51m/1njhpx+ISChhH4yUCUwR:S2SEK2ZUKshzFlVbg/P

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ddf0d938ea67928f2620c587896f370d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1656
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1656 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1416

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e02562a816e2bbf279983413782f53be

    SHA1

    f31155ef6e427ad46115ba4a8b4f64eee12f4765

    SHA256

    6af2a43e85186f01f9a3db3212fd684869724e65f06f406d15c0df6c31618ea7

    SHA512

    1584567d8d159a58f10fca3cc236225c3330e79cabb6163bd778f656efa0d616429c9edad29ea71bd8036761246f8f812eb137f784d623239952ed1d67d390e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    25e087a86367417d51a8a248df134ec0

    SHA1

    596764095582a2ae87f77dda91778cb57c8f3064

    SHA256

    b0b01663a22f46046da7794eb14df996a3ab517ff42c8eec8a9bd6f5f5eff319

    SHA512

    f2962b53ef772c2cf1c531a2fbc36ba362c1cbdb3f864990cdfea8c6c6f57a6e58d4a7cbd8560350bc476ce82b45e97e277903b71e9970084eff28bb9fdda421

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f032724106b6cadf2a6d8953f9f2d009

    SHA1

    4ce26c801d6c11a856e64723f916758aad6ab59f

    SHA256

    dfd8775973b363101c639bd67b119cde8e4f1b2564233dfa7cf8af22f102a585

    SHA512

    c5e05e0760d94231bae6cf83173a93ebf5220083bd5c3bf5175b7a0315446d26c0f0353c4fe14a7dfa0bb29a9c58e08b32adaef2a528e865ddf63a2add516ee5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    69ce876c5820eb34492c826e21f6b1e0

    SHA1

    4daa70726c7d7439092da902ed9ef835a88b7739

    SHA256

    6e267c5c845346c647d32242dd82e7f453cf39eff5962a07938bda28cb5cfb63

    SHA512

    55f41b8d661ab50c473b219f6a0149eefcf05fc1eeb540c0c9bb6268d8996bb7b04e0a67f535488cfe1d9c4701a97598b0f7ed41c820f19ad8a12caaf31abfeb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0e939d342d496a6c754b3cde4d2bd764

    SHA1

    25e1ca2b73999152112a997c93001ad0736852f9

    SHA256

    d64637fcbd5abb177327625285ac67fa5b3c20e7edccf640632dddad77946365

    SHA512

    d2b68425cf7c885b68da3bc84020f9b08adb437c617764e85c98bde102c6994554fb12121b2c6ed52c9f91217e8f1c2183a722fe31bebe396f679196a4fb32d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    747abb14f136a9606321e02073b8d2de

    SHA1

    9e9e73aba866a07fec4e73e33e32000c2f3ac7c4

    SHA256

    ada51c43c4b3c10dd0f7bfa6fd139b77ed21b173a60520b31253cf81bc8de227

    SHA512

    416bb7f029355d864591c812e700a8a163b947d188d2448398e1455e4830e33ff002221f1de0b3ddfa86e69ee2e714953d88828098aeead2938d843ff07e8b32

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6b8a22aebde3b4a52d76ea9d67a4ca61

    SHA1

    a3f00d02c1019804fb343a849c87ad21b9b16ed1

    SHA256

    c219066eecc1302c706b78688fc10dd8429890855a61051d8ce05da9079adc9a

    SHA512

    6cd631a1905245f3913750c521861e8af9f84149acc3a8c6d06fc9c1365cee1e3743ee607fa1c2c005d609e28ab390e70620a7afe3093077ac5caa2b0cc49c5a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d4525807c8fa7f8767a97ec7d238ac9f

    SHA1

    a14d16c96bec405b97c335cc705f5906f8edd4dc

    SHA256

    878fd0f1a6f16e5cbe09e4ce37b2a28332365d8db0101d74baf78b1489ce208c

    SHA512

    a9b9cf26eb46006c79786b4138004f0daeae281ea969c4f3ddaeb428ad890b364f06798726dc8d3a6ee78e1a37276049405e11ec37109398d1e0027246ea0fc6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    516bd4445d80e915a0d5adf8e3cc0a7e

    SHA1

    b8f814084cdc05112764ee061d61a8698f8649ad

    SHA256

    42bc24ab1158c38b9a6a96aa9412cf629b20fe7b4ca4f24ffb0ed1c46b181989

    SHA512

    2933b205344615942fd9c40af6fe68e7eb36b98f47d258f5a31d8926aa7061bd0cca12a39efdce4e16a4e8c8141c2fb75a648167723a97257e0f7c3e87414d37

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA517.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA578.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit