Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

df66d9d23b...8.html

windows7-x64

3

df66d9d23b...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    14/09/2024, 03:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    df66d9d23b7dc518ff7981a87a2d7c7f_JaffaCakes118.html

  • Size

    17KB

  • MD5

    df66d9d23b7dc518ff7981a87a2d7c7f

  • SHA1

    62ed977462d04d5ec3839d3f30dba262070d08fb

  • SHA256

    13e880e7bb8380a9c284598c3f8aac397a4e5a0bc5c681bed26173bfae7d227a

  • SHA512

    ca3c5128265505bc574715d9b0b0fd59df1c3af5fd21fdf4eed1cb93a6991cd68fa4ca5aab2cf5e17a6a8844a35fd26a0ac57d558cf73255d4374dd2fdf2a227

  • SSDEEP

    384:sTlIci9DJnlx2PkPuPaPOPuPqZPePaP2P+PKPoP+PePUPQPiPqP+P4PUPaPaPwXr:y9gdExLZ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\df66d9d23b7dc518ff7981a87a2d7c7f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2168
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2168 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3068

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    95e1076f7b161f834a88c52a2126b82c

    SHA1

    6e14ed95c5c48650a900276a0b318a08ea9cfbc8

    SHA256

    7daa1501a2652f4153fcea648dcb9a8f050b7a60662bc784450630a108553e36

    SHA512

    7ac6df3804798ef430275b59e1d16d10cf6522d935978bdec5d195f1325b5f71fd56d491be03c3d15aa62d6868bcde02c42f143a7277835d13c9da1ee4b14b33

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    861df6528dbac17805d4f38aef34d282

    SHA1

    591c7860ba7141a912acf151eb55c55fecd25fd0

    SHA256

    0dc0176a577fd9895561f6290a95da5e47e821447ac4e66a9c4bdd6e7e470183

    SHA512

    46b7655580fcf0892058366fbe1873e3788bc97a638a31a79084ccb5cd4065a5754097f0c8d01cfa4c7c0586433a13dedb4ff81dd7e4ff39d917d2739bf1f651

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    06c5906f86facd2c80452de93946e00a

    SHA1

    cb580d287f7cc8ffbee18c8ce58e09004f8d6894

    SHA256

    920fa8a97ffc0a20c299c5798fa7b548209aad26977c9586b8678cd644860f2f

    SHA512

    5d9dc72959abf7062a551dce0119efea520fc2dd7c0b46ca12bb5f000dec71c0020654c12b9055dea821c1a8e4390f3b1330af7ff26069d8cebbd7869c57d1d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e4c26dee37edc782e0782413909fe3c5

    SHA1

    5101e951d2a76b14d214fe69a4fc1ad93e19340e

    SHA256

    a0fa6f8be725affe703b950f43ab347aecfdbc51d0312c5cbf61eb09ec679695

    SHA512

    5ba9d7e34666b9c70122b33c5e1f7f21fc360bcb29520ca882ca0954211e5e7ea7f5bc4aab6cad729c6b0e2d4d5cc08dcbe77c3ca5489b71ef66f3e4402647f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    290164901eee9967eeb394e890b491ca

    SHA1

    6dae56e9da47b98462ae2b954859c7b8f4f9e9b6

    SHA256

    97b682c8b04bc6b27adcb2ffec2616061f0663d121fe0bcc835cf54ffce4e9e2

    SHA512

    4770ca118936ff54dd9ac8650c6d8adbff3e01f42fb7ba75c9e9db8658e6532d1b91210923244cfdce0a4bd6c6f607df42aaf5696fc82062f2edcd38ed297099

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9438b302b27df4f7bdd24b9c24e08ae0

    SHA1

    c7dafbf03bd7d7994eccdab287c8093dfcad2002

    SHA256

    047d5510880f02020857bdb5e055360e9f60c59f66f3faff64c680750e14bdb8

    SHA512

    f68fa0b8bb894a4f2140922358f8a671d8f94d214cbed5e04a41a52fed696a5f165d58e2f588874374fa0f9b46319fbdd15a073b8922934d291d7020e72d5bca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5e5e640852a14e9f2d42d958a1a141fc

    SHA1

    c9a8961c05d1327add5a77a94e6072ae4a6d3d64

    SHA256

    2726d9e3646acf460a9c9776a9705d53ca534e78d2b60e4baf61788ff3faa5c9

    SHA512

    ec897926eaf87a766ae5555b4ac4fb4bd021aa3d57709444f21b9f5eed9f213e2bbc654514e878e2951f3989c22318706bf7032194d3f88ab6bc7d915fc66af3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3da5f2334a8de50d842bd0fcc4f4e4a9

    SHA1

    3dd0abab627a0ca6bb295f5fde30d5d832293f5a

    SHA256

    77974ac90f5b3bcb843f02ff976f7fe5adbd7d167f7728acac6acbea838354a8

    SHA512

    5900200fc26f5705e8ce5baf28d6711e186929ff679616aefe4a483fc4bb1731c6d8a281bfb87ef1044583e841afc52dbf6200f714281235008ef4a65e3d51d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f0e397803e7909a18053726b91c35ee2

    SHA1

    075e35f2c435206e3a34107e13842b03c515e09d

    SHA256

    c63b892bffbf0244ae3b034856f2f87e7de2078a13540a5320e739bcd8c6d203

    SHA512

    9c984e90eb48ae8df1ebbaf40936ade4424989bf1ff23ae86c74bf5fb4bdb6cd52fabb8036eeb6c72e3a0ac2251a031db5588c884432ea038fbc7ef1f198ad7e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA3B1.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA421.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit