Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

df54f2af49...8.html

windows7-x64

3

df54f2af49...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    14/09/2024, 02:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    df54f2af49984b4dcc84f2f57d0766d0_JaffaCakes118.html

  • Size

    65KB

  • MD5

    df54f2af49984b4dcc84f2f57d0766d0

  • SHA1

    0d4c276dadedf2e90e88e53079de4610bc9dfc09

  • SHA256

    42b97f565453d48ed6f6125dfaebef8ce4dc2e3b8b73fa8cb5cc0c774a8254a9

  • SHA512

    35abc4fa4748ae9f65a2afe9276b309311e328dbcc603263b24af57db3ce94fd540a42595db17db914248097538717e3f0475f02f2772b31c52f210e27afeeb7

  • SSDEEP

    768:sc2WI0+eeIlgJszdZcvxwGz9R4AgKPkNui2++CV6U9:s10+ee2gJszdZcvxhh1i+CV1

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\df54f2af49984b4dcc84f2f57d0766d0_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2236
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2236 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2384

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd20856dae72c560e2d251ff4a3ef5f5

    SHA1

    de630fad4b443f8fcd37ad6c3d40e658ad70abb0

    SHA256

    4106fb90662e182e3b50c232b20ce6f22ac4146e6f2f1e8ea9d4553a54d0b2c9

    SHA512

    96dd7d23010dd55c646c5edf37ae119003e25aa728b54496464756a47f40e0f56323528469927bb977cb3b3084938fc88126221ca4bb1c2548e789eee5655986

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9158c5bd781b9ac5697aad5aca12a4c4

    SHA1

    4f787fbc7bde8815aafe9402d82eb85975659331

    SHA256

    aa9f7fa74f66b1307cb5cf20c3d685fb97bff9b9337dcec1e4fed4cc37afb2d6

    SHA512

    fe268434b60824d91a38f04958e502a34ed76b74979dc3ae4c6a02faec3d392a3663d65bc72670038be77d748cc3d1db6576cb299b67dcd334d4d87a4b5d6ca3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    81366d1f169499bfa3907ab1ec6115b9

    SHA1

    8dd6b33c591a9525426ffe3a037884950f88ab12

    SHA256

    5667bfdd16c321ac7709da5fc2511a305eb805e806765206454d883c4efe1fc5

    SHA512

    2d54bd02c1f922bfad8824106e62531b3258fa0f0500308fd202d853824c289ace721cb6337f0dc5066a55d3df335a066038cf1da06f4b54c4451b38b2f9775f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    64c5e0d52284711b6b1f0871dae62d13

    SHA1

    59a22efd953db03960c385fe0b257dbebb1eddbf

    SHA256

    2f9f6c90ebe13855ef7250737b03ecf5db4042d394cbb503be5655df04d94985

    SHA512

    25e62820558ebdf0929a35d440376c491e28b42ce5bd4b3cf976fa4c362489211e7dbc7ed8b765dff9e15cbd184d57f3cfbbaf2207c9e34c782d97fee9b2cefe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3934300ad04ef91a5a973711911bc21f

    SHA1

    f9541431ef118dc67e20aa84823c22524587e47e

    SHA256

    3a6c2ab935bdf60a756921f3f979eb594ac0eab6f2a57f71c78c4b94b0b0c6ff

    SHA512

    f5a1be794f14c2ab67ee8b876e872c67c1b674ba7b9dc1db0241fb1504167a76a0e43016f504ecfeee8eea1126828e899d7db9d11cc66d83daf92a799626b054

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e1731eb9626b3686d523e5e9079e37e

    SHA1

    7dbc823f15e0d84a4bac222d4cee2dfdae29d139

    SHA256

    49501545655b664a52e2e487378307346438c7970031b753e591df988124c2e4

    SHA512

    6c627abd3ae00d2039b93ffb0afcf0c1153c04070cd1bd259ef02d87e11f5d5eaf37de34035dda69a651bd678e4eff6820e19a03bc8fd9b33e3fe4b77f710ff0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7125bde03483ab48c39eea638d68b273

    SHA1

    2594a84a4eace76703f2cef8bd48eadf5966ebdc

    SHA256

    2a308cda003dbd46d81a3210f3ef29eb6692dc9a34ec01c3329773b18b7ca7aa

    SHA512

    8fde48b857b1fa2279674fcf2bc253e26e07ede6eaa0523d15e8a8e191f3c14eb402f9c7eca8c5284bda584ad3a53ef438c5084c481c0c369e1f55e157e54fb3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    749ff2049499967a7209f4d505769eb0

    SHA1

    faf6af4f53d93a8437ebbbbd2e4b61592c9751df

    SHA256

    fa1a2a06e2d2fc98d5e33589010adf4688df3bb73ea2da052c74b1917cf5d77f

    SHA512

    d752828c0b1d716352f4d0dd3c9cfd260ed5e851abf0d72ff0f7b51e55a699f5ad4eaadd24c0d1c221e6efed30af5a564ca63cb6c4727abe2e093ad6d67d91aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF3E2.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF405.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit