Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

ea18ca64b4...8.html

windows7-x64

3

ea18ca64b4...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    148s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    18/09/2024, 22:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ea18ca64b40ee39051cf41859326186c_JaffaCakes118.html

  • Size

    21KB

  • MD5

    ea18ca64b40ee39051cf41859326186c

  • SHA1

    47d1821fbefa060120e14a39fa5cc7f770ed1a2c

  • SHA256

    0fc00cb65d5c6594cb6f0b5d75b1fdcf404e8a28ac1a1005f0181eb1948b1e3f

  • SHA512

    138589532d00a8a188c818fc1e5921c4ab61a65f594250cc4f5836b8603890e07c816db4d03c2c06978286c8957a74aa42e79b7605bed2b2e110f643aeb0fb9a

  • SSDEEP

    384:ISIfdZff6jIBlqoLsE2De5pmZJA5h+DiJrEuw:ISQZ6jIqaD5puJMh+DiJrEx

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ea18ca64b40ee39051cf41859326186c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2636
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2636 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2760

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a115ee6bbe3f2dd1f3e1f4ac6db5efff

    SHA1

    544a52c37e3ca6651f4bdc3f79a46b0a37984e5c

    SHA256

    84f111190659213a0a39a35ef18f4325644c6fc79d6eefc07c84531b6af48a74

    SHA512

    e478a111193e3c9312646da4475c034995bbfc0e98dd2d25607d72e61746b7eefeac9a53a68244affe6a1e384c352fa501c4344c87899a5432f3100836538412

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ca19988c830d17a2fb9bc2410ab6998

    SHA1

    c25fd42f8a1d7e1ff546398ca0e1d483ec3b4110

    SHA256

    e7970f75beccf488aed0c5ca95237081f7bdaffca688f6b8dbd1cdfbf8bf3a84

    SHA512

    166910e58060e1db1ef5ef0c3511868ae7f08558fd5e81907443bf584ad4206073d44e2e73cf518abfd331016f69fad589518eee8c8e5c391f564e92755de014

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    849f7ff8008c85543267f51869134abb

    SHA1

    673eca0d9eda54956e1da945d8fada1bf804110f

    SHA256

    8f832fff0e16aa2dec9ca7939903afa1d686106893f9de25a4f848247bfb5716

    SHA512

    a18d817dde9d3a76d63417c875fdc4eb6e14d7d334dedb0917d0b661cdcca165333adaec31bf108e17878436daeb9c21630ade57501af2067aef18d9aebabe56

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f6be1b8f516f719cc634c73e1cbe3106

    SHA1

    e03b4e138cf2ba3de3d32225479a7a086909cb97

    SHA256

    f9fadd51bf839893ae7cc043d6f95dd8afdd268d087113636548c60c0be7bde6

    SHA512

    dcd2272be932de42f76fc2b6fbaaaf4b7c9a2a79cedbaeabc698b008a645994150e968cee48c9f6fd1dd88fb9599c4183cc600d8e144a34221f497bb13fec729

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    638be75233d2a28cc122f71b719b03cc

    SHA1

    3e4736f7e10974a264c87aa5e5d1740b85019968

    SHA256

    abad60895a116e75ab2355f3d8060b5cacb31bf2a03edffae90e780197febdd0

    SHA512

    49b1c65b70e448e67e5f1ba4dcad4497f659381c41e2ea65334dc0fc921e3b6d3fcc4478bc9ed650e2c7fc7d0db2ed91c6c399f43b8d264a925a2c422da2eac9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2046e6f17284ff2901f512d2203a14b4

    SHA1

    a562f4feb5e729f6ab1c2681c2b85a376af8fc31

    SHA256

    bd9d31066d17116d5f37dcb8bc99a7c2ab4b25ce2767f0d180d710998ff18216

    SHA512

    27beb22ccb197c4346ee9b61665daba621b12f2180120d0ee7e59efcd2a4a39febd627613107e1c55065cb874f106c9ff66fe3d14fd3c484418c70beef46c446

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    495f9e9e3f8f4ef202c5daef86c77d0a

    SHA1

    3ae632ebcd7a1976e9b88fd1b52ad089aec29789

    SHA256

    bd735717d3db61c5ccd35cd2b9bbe8fb1696b8536f210f1c4581fb2b9f6160d8

    SHA512

    052d3dfaaf63331869c5903a29dfa05705707b3926d5c59e2042f3a57cbd4a8d1cd07fa6f52fddba3cb8e08d9a1058c44a7260fdaba68f0c7e7a97cb8e781b73

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b4472b148785509684d3ab74e1aa0ec8

    SHA1

    eec8a343943a8ae616e6e3d50128601c6e7a8c30

    SHA256

    916f6450ee219339017da215adde4982399bef88b477b7e7e03aae3854c24bd4

    SHA512

    ac84e3ab289423acac1626c7fbe16a35fb36ef146a66cc4df66c18c3a5dfd8db7f96a10a39c976dd1b45c6cad8d1606f9f40cc695d53e7d9c5f655d8d634f5a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c6a7a2017c1aadd4294162ef84b199ca

    SHA1

    c91ad1e3496fb44609e32d461c453bcd2b10e98f

    SHA256

    472924fdede0b52bb8b920e3dfd712ad80ccce10dc345e373ad8da0194bbf876

    SHA512

    f5a6034bcefcc604475d3e2a8e85abe5e6ea237f01dfa64ae4e022c4913f1978ae4c89bd2fecdfb7dc0d6d6ac2ce48eac083b6273e322668b7efcdfaa0e758ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bf5c9ca8f76ed19394e16a1d408252ae

    SHA1

    9b396b9360c1bc1980c7941c22ae8f8ff5ce13ab

    SHA256

    579f0b75c011fe89259d30711c84cbf2e3987a70735783b3c53c08e6f7b706a0

    SHA512

    ce14d91f29674b766b4bc998021af3b8f79f7ee1cf648c27eab5a2c7a3f55ca8885bcc74b30f8b0bc36a79034618d1b231ed786c37746831da419596d14d32a2

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WCATT3E5\jquery.min[1].js
    Filesize

    89KB

    MD5

    219073097031d9c1a95a1291d66f3a10

    SHA1

    2b7996b01d90b7f424f2a2e6063947461db4b2b2

    SHA256

    232066e3f6f1351afdaee1acb70c409766641fd5669e0b55ce7c77fac0a857ef

    SHA512

    9ad2745f96cf79a4d59393cc3fbb3958b244013f6798c12abe41e37fca80df3c7cedab4b47cbd197645c86b31077388ec8f01ea8d67c5feacbef95b1ae7582b5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab540A.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar540B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit