Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

e27a887f5b...8.html

windows7-x64

3

e27a887f5b...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    15/09/2024, 12:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e27a887f5b3dcd92ae76daa7b75728a9_JaffaCakes118.html

  • Size

    69KB

  • MD5

    e27a887f5b3dcd92ae76daa7b75728a9

  • SHA1

    9d2d1e054ad98db8d9d717e16522fef0fe4feb1a

  • SHA256

    664dd2ba60dc6147980fadb8ca771225fa20ef5acbbfb740c027b6699c8c1282

  • SHA512

    ba443e91b6acd8e092c20365966e8c76e33102e07aeba4c4724977ea2f67cb46082ea411c2e1b090b04a6ecd5d9dac19009576188715a431323307bed98d1de5

  • SSDEEP

    768:Ji7gcMiR3sI2PDDnX0g6sLy6NkeqDeWdAeOZoTyS1wCZkoTyMdtbBnfBgN8/lboz:J34TzNen0tbrga94hcuNnQC

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\e27a887f5b3dcd92ae76daa7b75728a9_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1324
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1324 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2044

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c208acbf5fd94b05897b09851f0beea7

    SHA1

    e42fe6687ce363a63456046bf4f1e8924149f2ab

    SHA256

    d9abc42fde582ef6abe3c2bd80facfa3945114d79383d3f70c36df9311596920

    SHA512

    7e3cee063d5385f6c3cd702a78584cebc51c06f89bed109d485f3e189b315ea058b85b139e8715b8bf209c73dcb46655756af295b5264fc496e259cf7d3c0f9b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d95631ddfb09e8eb42ad35b039656b69

    SHA1

    71033d150961f40db7b222d9923f95f543bd99f3

    SHA256

    aba91bbbebdd7cbc51a5eb5a55d20dbc9a0b4a77e68d7551469f3e899ac0cae0

    SHA512

    ab2bd0af3fe2eca16e91336bbda8279a7e6c97e14d272a961154751ba1ead2eb3f46a63db78cf261c20f427ba40483442be652b1f4c44d68d597e3ee40054865

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dca5507cea9ad3b44ab19d748f22fb71

    SHA1

    602924a35ac0b40bb8a8625c4d27be3b5a1f73cc

    SHA256

    b694384021a1374bf9262bf3220175ee4d6ac7e1f69e206823b8b84bc41ecb9f

    SHA512

    e0a8d558d354c8b201f28b102f29cedcbc13b161a14913548e92b326a05657f9f22399154312a9836a9af85e43cbfc7e5a609cf78ccba9eba7db287d52b60664

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cd51cbe066d999cbbb753c2e81f134b9

    SHA1

    68463e5c7a52df9af2956625553b2ccbaf2d0685

    SHA256

    2fcbc0cc0fa80a57fec3f37a56290582597f901e3192989546d74b552102491d

    SHA512

    c8747e2b8ce8b2c1168119453e22cfacee91fbca8d4d1f89c6804aa95d36613f4deff8be7b9bf3c2fee7f2ade7390812f10c5947218f85b53b55bb796e994619

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2c47a0b05a61c9a30f168a8ae16713d7

    SHA1

    929576dcadc1079b86fe4d578f61649af0358775

    SHA256

    b3139fd6c8d089483ee6f84445b78550bdb5fbe5298ebbb4efbf646556309602

    SHA512

    92475db126e4ef2dd70d4464b6e86672ae82dd43ac9d555f2eada873e552063b4080a8cd1c5712aeda578ce5f15bce9855d2796780c1e7f43f6b9f078c608995

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2a08240ebc41aa5c33cca8eb04539d6a

    SHA1

    81830a415fc94c6ed64bdef3d7c33542751d9228

    SHA256

    9baf9bd54ac58e8d7db4c2b73f48acf47bfff2f28a8ae76685faf026ce1010dd

    SHA512

    97559355e313fafe6661b64773a37f1ee43a8cade0d7da99d1216c892f21d46ccee2c8fd87917d9ccb1c805f0c3dc5fed84e938a9d4c05a99a70a3e97f900775

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    477c6ac49c221e85b1953e4f49b670f5

    SHA1

    c66eb634e7a2b256c38e4f31e5f22383360ae37b

    SHA256

    4eea39886c22e36b1a785890b8609f13a31728f083df2afcf9b382b3149923a2

    SHA512

    927d3f41c99dec6d439d4ed58bc6997c0db3d6a4a92682b178c01beea6015f3b172a5109b7c84d9d9ca5ba0bf802464147f44b5342af57715d0db4d7ddd4951c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    52623995913e652c7090567a3fde6fa4

    SHA1

    3c750a7e35eda4a72d2c2efeea08e72d87847b61

    SHA256

    128f5573445f1524e1787341c01509d046d357846785cea701f2b86d4a2085f0

    SHA512

    7ff32513d234efdfaed7e8d2156fa826d671ee6a6bb7fb09b74acd0cb8a53e96c55ca8fead57efde48cea1ea71ca74053df2367170e6a4f6c49cf4c892707c44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0793a130a92a57cebf16f09f26034f08

    SHA1

    bddab6ef5020a5cbd80a6225da2ca031b8e5aed6

    SHA256

    96b60fde826ae785c8f6d8838afb4053ee4dde8cded5d96fa50838a0d4ece57c

    SHA512

    77638d4ed9d6a342d52c003e93186d516064c3d6cd14daa99eb79caa6a9622f36d3ad299075f0773697fdfe76a2fb41fa806459e3ea4416c420d20b64ed9ee65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    16591e51749a8929d6f4d005cffce059

    SHA1

    8e5f584b9da7520de72a5e0c0b37ee1ccd3ef089

    SHA256

    c86ed68a5cad95ead5c7f35ebd6160134c76326d9a9de654b5703f1eb422a4e8

    SHA512

    050c6cc7e26058d762ae02c618c73e0c92a76d590be3a75e22a0d2d9e970dbbdf4fe2c857811ed64a68dfb06c09b866d81755ac398bd722a4781eccaea31e448

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cebb988a3313e45a130ae08be3e27daa

    SHA1

    b2b5de1be8f9f02250509e5133cf63372bafca1e

    SHA256

    0d9311c5ef21c736d9b68bd0ae914a447b1058da3092463b54ef9c246229f5b7

    SHA512

    9f44af06e32ce980b1d1675dcbdf5f025e7f01d5fa7441fd9621506566bb6b15375bf7888cb64f2923246fb902fa83174ee1487f0d3ad851089752650684adab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a1cfaba29d34477f5115fb4eb4e30ff1

    SHA1

    cc6712d811921103d1a401866017e1d0c808bc5c

    SHA256

    3aa8091082df6005a5049bef73ccd2b12616a6bd452a8eaaf2fc1a75e21ecb26

    SHA512

    f65de5c9947642165c575323f1fe96e23bbde0eebe21272ed87b9d0aaa1115a838b99f6900c59b71b7c9ae506f4a145795b075cc50e780d027b053b6abfc7ed4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4684.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4774.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit