Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

ea0725d25d...8.html

windows7-x64

3

ea0725d25d...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    144s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    18/09/2024, 21:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ea0725d25d69c289f3ae1871483616e8_JaffaCakes118.html

  • Size

    108KB

  • MD5

    ea0725d25d69c289f3ae1871483616e8

  • SHA1

    6c358fe7c9577b8377faa9414032dbea3e032aba

  • SHA256

    f48bec7da274fb196ba6533fe9ba68fc2592308f0f4f0f006ba4a4284ce9d751

  • SHA512

    deb8111c0cc4a6788567323a2290ebff4c33c9222b378425a33fd05179e8f4b4668b0f5e493328a696760d51bac6ff1851fc6429b30fbc29e8c0078b200b09aa

  • SSDEEP

    1536:pbMjw2fMk1D3O9Pj2fcnzwHAiRDLzZRSs7dcZgDjDtp:sNXFLP7dJ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ea0725d25d69c289f3ae1871483616e8_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1868
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1868 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3052

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6bae457077f4c8de3aad5902d3802ca2

    SHA1

    15d5bbae008b2ced9239a6f0566b818744450e0e

    SHA256

    f7c7d7d7f0e53dd6bdd3ee46ad2d679d874da61f9748e80e3e78f9ce688e3e87

    SHA512

    52625b26144ac5955843d36d00b80de40d7bce79ce3e5e04c91461b97311936b0ce978acdab0001e0c105dbaa17f6b7e45e04b309e239ad9b1a30dc6170e0349

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1a5434736915215ca8522673e279bf52

    SHA1

    e6a295f2a2689b03f8f6c3a5f83fceb9a926f67c

    SHA256

    a974863b5e3b90903aec89f8061f174f9eb19161831eea069cfbb71e213dfd2f

    SHA512

    84a15571346f9fd85b6d2856c74ba55d646ac7683f8563f40baad5df9cc25d33193f704370b4ae8b2bb568e446276473e80b0d45bd76cc18ac852e5e5101e33b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3aafa851fe0bab651dd4a992316a7992

    SHA1

    19260bb98fc03068d7a825ba102c430f81b65c05

    SHA256

    f339525fe8210d7412b9497e3ca34abc38ac337bf53494c7768c5fd01579edd3

    SHA512

    ce2f03a74f48acb9f0402070a2ab75f98b0369b6f8bdb7027a579e73f268d5ee10249fb9106af8f1f3599d50cc3567062df126d3c72c8e221063652386bb6935

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5455b34452b355d28b8dedc8bb375b77

    SHA1

    891316a071f24403b2e7e997ce47b26279936415

    SHA256

    bd689d0b1bde299a053c15b364f3cc4afb21c0a353fde69d0df037eca22fa823

    SHA512

    68bcbf8675d68ae608f9d55475d774e02e3e66f06f3177a7c7e9db1d805b4bff98f73b9079de4e9aa49bb815d06c3b195fd76e32552f7aef94d512c91ac57aa0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3670113e0a8106372fa1e7b9b6c6d0a5

    SHA1

    7514a79816b388f076eb2f84190df326032be477

    SHA256

    250f0c79636fa63a020c9f928f8389e70032730fca0c61c28a01814f05b9e259

    SHA512

    139c7966001becc44cc2c56a792cdf9b2764544ddb8be125eded1534a07473c1d06036735ce09b002691caae52a622ee408459aefc1eb9d085cf31a44799fda3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a1aa9d8d5a3aa1ef9a1649b33d229d8f

    SHA1

    59a08a5a3b9e4c1532179b48d1a84722fe19340b

    SHA256

    213963a70581d180b370c2ddabee655e7ce9e876e68faf779e6ef09d3b013018

    SHA512

    494166965552257143a032e1cb5fba16a82ddf022b640948865476bc2c0e1030ce9c1bf2e34c628d4aaa293c4113d42eead8f1fb25c7a4272ab59f7c0d7bc8f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d25949768b1c8118c8fe9200055caf1

    SHA1

    1b7345b3e9b9b01d0d34d0bd7cc69df1c721e90d

    SHA256

    325c1aaeb8f4dfabc64a8d5d1b7edf9b365281d5199c744a1e961f72fc8b39af

    SHA512

    42d76a1f5d218173fa49d2b4baf79053da86bfab8947d8b15d91fcbcd6292726202bef3991eb0a1f79ec7ad3c1deb0b997b94a31a71c7d1dd51b0060a80993d0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    691dcfb607feee8ac79bd78be78fd396

    SHA1

    80f956610834ea85c8df72f9c8456113083811b8

    SHA256

    5e7cb96b6d881adf3b060d53483716066441e1a2dc097924e5eb837b005cf177

    SHA512

    0893b9a396154c5f73007c4f3d740e50262b777a73121df274542a740e17cdd8a1654c5e3e7ddd120f5a0689e5c66a5153991b117ce02487c647607475712b88

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8ad6a9de5fa5a98e6d16540faf81b0af

    SHA1

    e8e709b5779c6bd309279d63217023720651a7f7

    SHA256

    abaa60feb0849b5111aac83c6337a5b089b89445150b12c8abc0d278947d98e4

    SHA512

    0e1977cbc8b7782c7457a89318b24f7959c34a0c8891a1f7ec51c875f1f732a679f6c2cd153c96d7d94bcf5c6795ad92892df412085b29a4b11542c5f578f3da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    de75fcfaa971657ccdf6fab58e6a6926

    SHA1

    8b84e3c860177d498a93941b452775e56cc184db

    SHA256

    59b9eaae708a49398dd83eb68cc2de2ac54d5e3c52e8db31e4b745b8620eebe3

    SHA512

    b6e1b468a26eb166abd866c1e9c96fb26fcbbdd226f334df50718926ee3a5c913d9016227fd98525016e7f5e72124fc384e4374ffdf9eeace7eb87bb0917c834

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    48787bfba7c9fbba65503658793eeef7

    SHA1

    58297afdff4b03ab97c559a9890f82afeba11c22

    SHA256

    46cc00c1d7f6bf0376bc9fb4d41f355c272bbbd4259e2b25e4d69fdc5facf3a2

    SHA512

    cb3054544abdd6b90589f72efcd1769ddc3a9a7a0d6ddba3b40a8b495d3fba42e2c5a5627196e57777ae67c1a9550b8666165ef6d2c8767792cf52e488918092

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b888d56a16467431d905a526d56a2080

    SHA1

    256345f998868fad038b5d9b86268e0f133018f4

    SHA256

    7e948c539ad861c2557ec946e1dd6ed94ad4afc6a1a0723e5bbd696e4c7fd712

    SHA512

    b9b3bef360069b6b6ca68eaf70a5a0a4704f57bb857118186de0f1b7c244d2497fa004bc74ef1c5379da496cbee6e5234228d954b71e60e99b896f522cacec30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd4ca2446e1a1548d2339046963ae780

    SHA1

    a979693afc8d91d4724baf6b95710e63c1c1124a

    SHA256

    2a013727416224956ff9f75d3498b9a56b9751ccd72c34afb6cdcfdbc7618ddb

    SHA512

    68e95a476bdeea1dc180f903dbbfeca1d8307072c8aec9d186e4921f8d2c6d906e7e21dae81efb5ba7b622414c70d6338887b1affecc14eec3a9ab3ab5062028

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab43D7.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar43D8.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit