Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

de689fe3d4...8.html

windows7-x64

3

de689fe3d4...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13/09/2024, 15:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    de689fe3d45e829f5b8a865da134a70d_JaffaCakes118.html

  • Size

    53KB

  • MD5

    de689fe3d45e829f5b8a865da134a70d

  • SHA1

    06547f87625840121bcf531c30efd41acc86e6c9

  • SHA256

    43666348768dd5d69b8f078bcb43ed62e3add0794d2572b2598851e6242222e4

  • SHA512

    ea454f88602cce4f6f50d92f2bd3e1143eaa5b7bcb2d45600708da54dcffac428809a0d67315b26f3b70ecffd499fa25a1c7e2d9083da141602d5afa7f45c859

  • SSDEEP

    1536:CkgUiIakTqGivi+PyUdrunlYG63Nj+q5VyvR0w2AzTICbbZoL/t9M/dNwIUTDmDf:CkgUiIakTqGivi+PyUdrunlYG63Nj+qG

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\de689fe3d45e829f5b8a865da134a70d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3052
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3052 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2876

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0d6d6246a2e62a54ae9e59ee646398d6

    SHA1

    00d966303c027221de0d9286ac66329ff9af2dde

    SHA256

    ee637dc8b3a632acba92945a6961c13cf8565e58e8255fef819f73ab1bc6733f

    SHA512

    ef217a23ba90176637768cd512cc09b8db8a9d591fe7d894d9308d1dc1e846de7d00d1f15aa1d2833b5b75c72da6e94c3fef45d698ab4853e64773b7577046e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9b0d4cfa5e94068a44034b471fbf3990

    SHA1

    ae61d7ef433741532819a81e2bb750a24405f1ff

    SHA256

    8a142df93c447b5eca724898b225de75a2e83edb2ba5059bd3a4da6aff736df2

    SHA512

    8c15f1d9f3ca4d7afa28d075c29d4e13a718d10566353119e06648e28bb8c00f24a2c7a975e6864409b016fc63d7dd77f131baba89f9461f1e5c6239fc40ec4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    863de078faa9caf3ba155ce964a91ce4

    SHA1

    2c17c36a2f0762f9f30137173ea9663cba1483a1

    SHA256

    32ad0f5512d9c1bed1ba6bf0f104428fa1d7a0c9409af21f30a01bf8c1106105

    SHA512

    0ab3308e1f1ad4f699e26c537e0603d721b743a4c834d50037153b377c4311e5b34c80d57c97d0060f0a904e3060a94b9a2e1f222599c768ef4248644b3996c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be410029b2de6737181e1bce5beab170

    SHA1

    d56570769238b878c094d34b792c4b9e79770ddb

    SHA256

    e646129886f60892c04e84b5dda3d6100676068ab069b1dc39916bc4ff0ed789

    SHA512

    d07e310d5f9ea4e853edbc442e6b7113f0f4a10ee022c8867fbe2bdfbb85b777e6397f1314d0100fc421a48419e655f183dba15166ec76e824ef966a28fa70d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e99f750eaf5b3c74b73bedcc755ef6cf

    SHA1

    9cd893928b3614327de083d30f634f2c7f04cff2

    SHA256

    28e10deb27ab20e1d54395cc5f3c61201f36226041f2c4b894a966f55fccf81a

    SHA512

    8d39670b25c67ab1b1efbb9cfe12a6d6f3272989ac0fc3e1c5bfb82bb50fc5c569ceb9b15dd010a0f2edc34fede300ca4950e4eeb4b7cabf879d31ff2e8cbe68

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    17a9b821028ea443a25eea9bddd7f50e

    SHA1

    67e12523a829c8fa5fce9ff12aa1348b7a291266

    SHA256

    092bbdfdd021bd2d7d482c02a46c638ab4775656f1d88f09a7429835e9e5d69b

    SHA512

    728a23aadbfab4d16a52b7e64fa3ba5c91bfbba0521c8699fa8d34c32e63722b02fb3988add62169f0cdaaeac29f1a0359a66b9ec61fb27764d9c89f7519c09b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c4a47f3236352c1ec52ca1804976cef6

    SHA1

    6da72ee9552aaa67b735b824c08f402f7af5e05c

    SHA256

    c6bd77869ae83982bdd9582f3271eb033157b4ee396033327987ddcf91693bee

    SHA512

    b8d91983362b7367e8919aa642e7bab7cf00131240b8cd05bcb5f4972257c9fb50568738a703c4f3e332f0fb3f55ce4b7eca31e1f9e8edda55ec561dc30d36bf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2f174b081e48324377b79ad61ad22253

    SHA1

    c218f4d5b9e6d83424ace0afaa056abe8f15bdd6

    SHA256

    7ee41466407849f58dec8135276bffc300604e408ad0cbacadede66a6679565e

    SHA512

    87670e4f14fcf53fc1d9d72b0a6019de4d3d42cb8c284d81e73054f652709c4f128bf4e6c3e2fb0cd3246df3164055d1b74d7b679426c6742156da494ac44795

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ed634a6cfa27fecdf6801a5c3861e1b6

    SHA1

    aaa0bbaa1b858594b84db966289ab9a740e51a71

    SHA256

    976c8e96592e5c6815e925207bb1a322055cf666b0154e50bb483c2c98399526

    SHA512

    6984b60d68c5e9b51ad0aea016b4c2971acd4e6770ad118b052977ab6b9ee403b602227da348e852c4acee0e7f422e55de3745064d714b7a86d654033ecf6f9c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ca083f6fed050e63101799c003e8f7f3

    SHA1

    151dcd3ded48f284f14677368c7ee76fe090a9fe

    SHA256

    ea2111d9f77b7fbde2e44eda240ec57bf919c67a30a36fd83d038d620ab64359

    SHA512

    d53057dc0853542628764f6f9618bd2c8399ca179034bd3400979d347d5ee62f1de3d782c4701d8b105d5c47f74d3ea6740f27cc6f75cd73fb8d4e0342c6e9ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e09955f38c335393d2fcfa9a19d66367

    SHA1

    f5b740adec2720e8f8cef860c72e700dd6194b98

    SHA256

    4fbb567bdcf7cf2d8291c41b214b188aa542e65a49d0cc36dbcc44e31f605c97

    SHA512

    cc795d46c73a7c84d60acd70d0c52bbe3a8dec8f88aa2cce59efefda197683c8b49d217ac8040743bafefe8139894df485bd0af388f276378f123d48b993861e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q0WBLVJY\print[1].htm
    Filesize

    706B

    MD5

    67f3a5933c17b3ab044826d3927d0ba9

    SHA1

    5957076d09bacaa6db8ddc832b4fd87ed8f05f8a

    SHA256

    97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64

    SHA512

    03ba224055ffdbf32b7eea30c764dc18d66cc6d8707dc5fafab74e155b0bb3d4d691c5788b033a68f05299547297125122778fa7e3252f93e7343d918936643e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5AF.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar63E.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit