Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    131s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    14/09/2024, 17:36

General

  • Target

    e0af743fd00c21a190bf8e6965f391ec_JaffaCakes118.html

  • Size

    22KB

  • MD5

    e0af743fd00c21a190bf8e6965f391ec

  • SHA1

    feba6c94deecee73c824dad3d3ef82b2fec2c57a

  • SHA256

    110e9aec08d74c6e7dea935e4d3d314293b2b118434429716db1725d68828117

  • SHA512

    8db8e0b09c6da796ab1d4f2a3b1614e501bc26b2e51f5153b885bc2fa3eef95944925625389e767ce060ead4f3959f46a1a3a318d5d04b41935c53c0f00e5277

  • SSDEEP

    384:7QEtMNaCLGwXggfJ/CiUcxLaM5OSL5vvWTpoYWpomKpoCc9pocPpoy3poSlpoxpq:erciBKs9hp3HlUnXdRevZkWCK5fzPg78

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\e0af743fd00c21a190bf8e6965f391ec_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1716
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1716 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2648

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cfae1fc35d412cd104c7a167e6a79278

    SHA1

    8f15adfe909fbef5caf7c0d83d7baa3f626c3e8d

    SHA256

    be5d92f6a88295745508abae93571e9f99e23431cbe6a13e4dfca567b3620d60

    SHA512

    8d27639c3a0004553c084c238b5684cb7a5ce4d0be42b616c046842b62637748c505875e88b32a762b0a6c87574d7234fd34e5667d177fdd279e54803e010664

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    651cc3f2b558eb4d930fbaaec9f7a851

    SHA1

    39cf1f5ec577ee2273ca7a5c3d13f64ec58e793e

    SHA256

    e1202e438aab82fcba3794ada97146858c5fb6b584be49c07a21d0dc88b6366c

    SHA512

    0dfd58b5b1665547502e0bec0ba562954ba7ecc888adcf5e01e3ea96bf8bf413fb4ec455f5418d0672018b478a93ddb6a51c8f6a26eda64d9609d3f1b7b83a4f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1af9c891f46c63cf39494bccd9f38612

    SHA1

    1a79c2dd08089290b8f05d22267c16bd2e1c389c

    SHA256

    b1940a742b3a431f341dd59120c26bab677d73773b827a1d3c2adcb9ffe1b6e6

    SHA512

    b11a1451fb47b715035cbe68e75652b18d901633e8c4fce6791707e34f634e6c612fc00ca19cad62573d27674c2b8dad24ba2528431b8288794a1e35e9889327

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d3a1c8e35c7b8afb3ae432ba957d0d44

    SHA1

    b625b31c865be278ba09abd94a19a0b0e5748323

    SHA256

    8409228d3202585ada7e8a425cad519f2a4d6ad6e91331360bb0e86c9332561a

    SHA512

    d2b18c1c3fb27e1c2952fd0285d36cf564344b9caf26b143aa5eec616b56e18a3a146e6fe1db9fba39175ef4936673a16e78c52b4697785ea93b63b737780525

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1916a9bfa7ec4baf9e408797daaa7b23

    SHA1

    49e75330c5a0a890593cf9e640c34306a17e5b15

    SHA256

    ecc3146893a263e6122d5e3a4bd6bae6bdc753a969123b422f42900f23f665f7

    SHA512

    3f3de208a8f74807a930a42ffc95aacd2b995f2aca8ae8a73aa328753df64a3df647262b103b50aa89da016e75e1bfc869e6e25fa289923e75abf8baa0151dba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6107a27fe1ac28d60021fb7f2c50b805

    SHA1

    a96a2d37c1a602c90b62788c72fb1f5b01d0e0c3

    SHA256

    87f8838e6d025ab4401ed1c0187fa6c151487a0d482d624c85362e1f83513ed3

    SHA512

    2183cf9474e321eb39148ef35b72f6a7051ac72558a0925bb94f292b4788825900af39249e342249da4e55cd406e97a3e4a047778eee74e74e920b54693eee30

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bc1f32841ec3e6950b96a6e4b0107051

    SHA1

    74b55cd1eaf52bead4c55d4b5a7594b1eb5ea323

    SHA256

    0fe03df90f6fb35dd83c3d443bb988936df3faa3ff0c5b6aed3edafe87c19dc8

    SHA512

    cd3b7c4b7b67d621ede7c06829699ad071302773e76d4599a9785e3550c4690e6fe076eeddae46b73dcb53fee9fc8b28cd044cb1beba48c1b4ea2522d30888b4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8c16e26c1b46e3a8b259598400dad845

    SHA1

    9cf8e9a4cb922a63f7cbe590558013a40531f473

    SHA256

    50228b4ca3ec9ae100857905f0840901534cf01821b536e37287114d3c814574

    SHA512

    6d2772ed399e80df70a899e30596e388c4822e55b8888a3025b7e4eba8061862ffcbd574ad374cd5948752fdb0fa123750501ff18a97ed1fd36bb36c0416dc68

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    617c7a078053422008660f2b3f486908

    SHA1

    c45ad078378e7d77da20145ec06c357d8ab15593

    SHA256

    e8165b21223eac0e3efe301b467b6420c948bbe114e8e5416de6a4095b2893b0

    SHA512

    a51148ea345adf2bb9d51dd1080cee94891dd23e2391c1947f02ff23c5ca42c26a01d6f65cfabd9b217c615c24f469dd5e14448f14833a4147051926ae44ae1f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a5b84d83f6c6da3462f689e9801d2468

    SHA1

    4b5c16fe236e5f33988210ebcfd25261611279d5

    SHA256

    d4d4503920f7e9f1b989f8f7f8d0848c07827fb3c055a6c93d98c84184a92faa

    SHA512

    5183eb5e3baa5a9419a5786e4157e89fe38a4e68045d8d60ffb421c4b0c3cf8349de5e2278313798cae3318a31088507ce33a1b7f31d22b8417b938beb655345

  • C:\Users\Admin\AppData\Local\Temp\Cab584F.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar5850.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b