Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

dee94838b4...8.html

windows7-x64

3

dee94838b4...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    132s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13/09/2024, 21:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dee94838b42d4fa049ca73033b663050_JaffaCakes118.html

  • Size

    162KB

  • MD5

    dee94838b42d4fa049ca73033b663050

  • SHA1

    adf9936f84fc1cec00121534c996b9002f2ad3f7

  • SHA256

    0945931669ea18cf6c0f6b75e2e9e5dc473d7eb7da23424f3e644c481d01f438

  • SHA512

    8f868baad2ae44f36115138e3046f3704e5f9be8fd4f02a93b92b765fefc6e5db85ae93f3051e33342a99df3eefc3934dfe8354688d0a2a56a6108869040f68f

  • SSDEEP

    1536:QpUYJru0sJRjZyDStoibovSPTBioegjxR4Su6Oo4yoyosoG2R00M+V+A0zu6JA2d:QOYtu7jwW0gjnEKJmQ3CC

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\dee94838b42d4fa049ca73033b663050_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1732
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1732 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2268

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    61d00262de780a40a9b50928eb0485a9

    SHA1

    cc04183f30446721c98b2894742c3eb174f49302

    SHA256

    0b0b2b50112432498b258ba56e9e21c89f625f28d3fe964f2edc8cc827f78884

    SHA512

    e33190098a4506cb4834452e884aa748f0efb0ac27e3539b0f4158061c8b8c6298f2456ce4dbbd5d3e3eb1b2dd099091c6f6cfb61a8ba5df527015a64bcf9e51

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d15c438106d1e1dff78232196e6b8238

    SHA1

    c8ee0552b53a553f25b53c4b12adaacbc3ee50bf

    SHA256

    bd9786eb9986db493f514ed5c666878ae9f38bc5829e34f331445dc4442277b2

    SHA512

    71ced4cbb6d82154de828203558a86c360b233e328a496811599e739a59a1e19c81b18876e3f9aa0a5fb99362f1a353973a50ac69f809b0c58fbcf10a6e4b35d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dfc3ca1f7ddcaed9ba182f80a4ccea9c

    SHA1

    18737176896ecccbef124fa135b44f8531a38838

    SHA256

    d7171d0070849427a2e50c42548973b4e48820fe0212d4841e3f7150a770b076

    SHA512

    9cf5e0d71d37e8a25d3b1adfe280e376ef2c24ccadd8f955a2b2e6ab3b530a9fb8ed01fb956ad2733c94745aabfe8dc7fd74c93652432df55effb77b41e14f01

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a3858ca483463bbcd282271afe5bb74a

    SHA1

    eee8943c59ff8184e426a9145eec7d14972f41b1

    SHA256

    9996382a7445fe7f59a22daf5663a3ed6e5c2d47d499f7f72eac15c94cfdc8b4

    SHA512

    df1da79483259010e4e457b88943fb13216baf204862673027a6595bfe2a0656540558e1e6c03025bd86eba2ed2098893dbc3bb8a0a5dbc031b9c83982d37151

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    871b08574042002880cb373130d659ce

    SHA1

    2f69f695e43c4206af7168b5570c4dba93549152

    SHA256

    43ce03c998b798972dab2453551a19be9d81338975552b753cb715ec35a95381

    SHA512

    f540749947a9589870e05b0c9f951911419a007300b31bad734aecb4465958008ff547638ed16cb15c09d02d45a8651b478547630f458561e1f468557dd7d39e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    59d9d8ef4b83e0866c1555625d8b80a1

    SHA1

    b2b0a202100a42bf431bd0bb1bc9a10ac720f142

    SHA256

    a2cdc60aded6e1072eff0fd314c0e48661e50877d3565b9514c8eadd7b8c43fc

    SHA512

    a2a9f7025493dde464a0499dbf74981b67bf9c1394cd0f78d9357ff8af5e30990d808c8f87ad8aa39a017656ceb0fb1b259cb6dd3f5cf6849b2cba339fd31c43

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a0ce2b3fde2d3d22e359dc421b4747b9

    SHA1

    18a6d787b7f8f2bd3ecd040b244ccf56491b6830

    SHA256

    d5031b07f1041f4911ef17b0836d474d42d0c9da54a1c97c62729b3c922b6737

    SHA512

    21d42a8d2a0190152833c5ca5aa379a3e277583190e88ddf56c2f3f868fd72464ad726f3914f0f462bbe10998439549f14752cbf44becb8ed4dfc9fec5bc2ceb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d777f7428ab4080c750f95504bfb7d9e

    SHA1

    3a4496077259c09f91589a2901204dbbf5a2d01a

    SHA256

    0039745c397c45151622f010475765d64c8d20b84f69aea95e99737237f3a242

    SHA512

    4033e46491db385bb458e7e5337ff07bca57cc305a0fd8e9bacf43e58d61b325294cba0283e7bc90568e39af18b3f1968cdcd29c057532d4acda9ddbb0bd0ce6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e6ccaa61517388c30fd46b7b17e94d9

    SHA1

    83ff158507b0aff43dfc9ac855d99bf587bc448b

    SHA256

    19afb794f0a742f4a5ca29ed2340f7f832026b58202df31cec8dddf40c84769d

    SHA512

    3db15496cb35741226f5bd754c0eacc80c81f332071f8585ed9bb0f0a41330d3d4cbd89bdbd77d2f5ac5c2cf2f6f8d75220d90abba7378cbbd9cfd072ad4a08f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2ac644b764b3473a565886118819a530

    SHA1

    f8472698529c27f8d67cd3415efc56d5235830ac

    SHA256

    06d213044f8dfc848575a4522c313d1141b8a2b9a33e1072839701d492f4899d

    SHA512

    3db24c49d9328844eefff0ba3e8444811cbcece4fc4eefece5a04e57a57baab8375f8036a9699e79f61276529617e4f1d81c7ddf40ebfd4f775d3ad8b9afd4f1

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZOGPI1N2\cb=gapi[1].js
    Filesize

    66KB

    MD5

    aa012028297a26c039c37ab25a4bd17a

    SHA1

    25f23d01b5f580c00778e1c010225e5b8c73b66c

    SHA256

    55cd2316edf7159b623e4ec2c9e3a334027c01e2d1cc386f833ebcd35ed87b38

    SHA512

    d346eb082674fc26d562da9a12f36ad2cc7db1f1b35c891a8734284cf1bd052a967137c1281982070688b2bb2e06c7f4967d1c9397311a31a11a8560b9c45fd5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD2FA.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD31C.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit