Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

ea6725b624...8.html

windows7-x64

3

ea6725b624...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    148s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19/09/2024, 02:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ea6725b6242551b42f263256f6a529e7_JaffaCakes118.html

  • Size

    68KB

  • MD5

    ea6725b6242551b42f263256f6a529e7

  • SHA1

    5a0b74f0990d681fe729f39e80ef3ae85ae7c7d4

  • SHA256

    8b1e692e2f75b6b352807e9057db3b2a9962010d30449994f44d99d313109c31

  • SHA512

    6269a803a64dfcd892364777e88f26ee6168df683663b833bc8d71404e814be55765fbfe2b4e7fe40fe832cbab1b8b363908c3bf86f4a7a11850df3177d59205

  • SSDEEP

    768:JiygcMsSZ8tN99OIs+qdS/pw7VsQCZkoTnMdtbBnfBgN8/oygcRWQFVGys//Ijk3:J6W3w7VsPec0tbrga6crNnz8PJ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ea6725b6242551b42f263256f6a529e7_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2744
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2744 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2932

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b258107dbf2ca927476ee42858c08a34

    SHA1

    8719835f2a746fbfe6a4b34237379d949ebceb4d

    SHA256

    12fa268f2cacb15b51bce925647d7fdba76273240f7243f8a8194f2a46ebe116

    SHA512

    d862547fbbee7aae09f631d2cac407fcd5bba2d551e0132c9348fa06c432de52cf630cde217bda48bbf9d4d9454df225d005d281df16002dc619762bd3e905ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6483975ff28e7e68a617fedb3f1f1a89

    SHA1

    9d74015404a96789f7807e609d54dd5554d6f595

    SHA256

    6fdf9cc750da896e3922bae5e911b3c62a739a9f899225360e0bec8c061b8c87

    SHA512

    52b3d578025eb80b7c60a4ae70df6777ca547c1de799bce84a249d65b43ad20c304789e87315f2a3393efb13ea9303f60328acaf2490372a038d83b2d02d20e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fcbdea6b91c5be9805769436cf9a6832

    SHA1

    321539cb00277af93df6d39677be52f0078a90a5

    SHA256

    fc28487a519b161114bbe19f4dfeb90fe322ca31eb90ae4fee0aae5ffbb0eda5

    SHA512

    74978013ed22ddbc6abc48d7f8e5100aaebe08d6610ad449498d6d837444b1fa623876c733d3b9f0c8d9af8f3c546ec64f39fe0dc6569836a8ca12802489d787

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a11923cc7c766ffc366a9313e7546338

    SHA1

    49f4066971c806e68047ab7b6d933909ded1f625

    SHA256

    edcd18abf5caee2b177d30e48559c939d516e45b69b31809441668d0dac8677c

    SHA512

    a726b28ec5d82ffd08a8568593fb6eb4e8cd2145d33902b6a56e22582f16eee16c5df57021a0d002c626792d049e072e8fa2c7d2860a99ed05fe0b675776772b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c590f1212587531c93e8eb79f194810e

    SHA1

    81945ea65fb06ffc3122bf6ea7c7b11e03ceb504

    SHA256

    003b4154918e24461b5de7aa2b977c4037327b7a175e11152175cd9389081260

    SHA512

    af82d78ff9c776cec31cfbab6eeca5d64ab7a5ca3f3d000f3d4112f1584195a6e0465a0bfd202e0579eed36eec07005b32b5257baa986e11d6842c850ec3fa71

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e3dc21ba1943b1058b725fc0ca0245b

    SHA1

    09db1aa7e1b11b794d6fa88fd45ba701de72380d

    SHA256

    28fe13d133cd75e4cdb5527fd4b7802412e0dae9e40296c95430a532fc399e61

    SHA512

    5ff413b00a2a00d668df92d8a36a7de1819b50eba0f16dcc0e7536094bb1cc47a4926fa721348b21a0e4714a2b54986a5d058d631c5beeb81602d0f7f89f8191

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c9b89befd000328e706f0e4e26ff0b88

    SHA1

    906fdbb6cd39887955c75eadd97f85584ca251e5

    SHA256

    ca6c601fff36bcc29c117adfbb26bcc27ee87cd0db6d64dd60f617c4a3181941

    SHA512

    0a5505de450ffe3576d3757817bea172bc421c3a94222b48d68d1c3cf4ad4efdb2db9309edd977752a5d1fcce8816dd8b2593b5d99f5e32d1aebbc9fbf369e97

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6f7db99223db4221b69372f0a3a25974

    SHA1

    f87dfcf4878a27344e6ece442116048f0331b61b

    SHA256

    07c7b481194906dd3a034aee0b3f271010e9af520e273c01ade832c386f2f0ff

    SHA512

    f3e0350eed7d005a74addedd29dce3c7303dba26e309ba857694f516d3dc4c3c2f0530c3d1e779215954a4bc78b5dbc28f500ebcae9319f20d58c8ce0b78ba6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f3c3febd1465f508d6030412f4cd76be

    SHA1

    461e852ee20936591614b5ea5360fffb427e42fb

    SHA256

    a92dd22f92d7238721a68dc729613810502faf8af4def22c865319347f1bcbeb

    SHA512

    82f981ad84faa241c9db161a104b0f7f8d3631ff20e509c27002bf3f1946a8093137fd4f8eb52bdcba1ea9d4e826fbcc3c66e19f0926aabbc3cda52fcc55a8af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    532645af6c80c2600de5190d1d217e26

    SHA1

    2803f1a7d810735e4526f73b574492c43919d50b

    SHA256

    52ab1dde77859e29c274eca0b5cb54eb8d1916d0aacd5f2fde3cb084286ecdd8

    SHA512

    b0aee2325b9c8ee1cca5ed0d829fff092bd6c47e8ec18805db3c828e3e950ff3e9f507eb8f4a3195237a64c59a68dc335c27a82790c946209edeaf1fdd2e92ba

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7051.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar70B3.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit