Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

eaafb0a003...8.html

windows7-x64

3

eaafb0a003...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19/09/2024, 05:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eaafb0a0039fd22a5397480823d05046_JaffaCakes118.html

  • Size

    200KB

  • MD5

    eaafb0a0039fd22a5397480823d05046

  • SHA1

    85a824ce2307c1dcba73bd5e97374c66bc64b998

  • SHA256

    3e725ca4634c37dc953ab1e26a23c58ad4799f95bd6b91a025872d29ed73dfce

  • SHA512

    4c3f428b1ffd88876eec9ad2b3e29c44eaae38e107274a3f5f5b648b30d82b9479798217dc92ac6ec65d407240bd9277cb0080c0382925f95bd8fb2b890d19ac

  • SSDEEP

    3072:ZxVveUCyfkMY+BES09JXAnyrZalI+Y6XXI6EyA8:ZvtHsMYod+X3oI+YS1tA8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\eaafb0a0039fd22a5397480823d05046_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2588
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2588 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2424

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b50a7810c7682034091b3158f992fda2

    SHA1

    b1ca4ccb0d088751baa737d508fb2632983546ad

    SHA256

    78641b3369504572e4344d93cd636ea46628450b417f83005a5e593c0886bc0b

    SHA512

    b95dbe17ce8571819113e1f3d87c6b4bd551d614c9878b5c79c9c156bed86cb21029030fc460ad7b675599a2d4cf420d3fd601262ee52a0516b5763895b58be6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bac49587f36cc406c3ac10aa4dd55643

    SHA1

    bf5eb0c132eb72e58aef2260728c8d2bfbd9c352

    SHA256

    1912dc7772329af0875bc0fe20d9661f2ef66bf90a2eac9ace623ef7fcca7c8a

    SHA512

    67f6e12144c1bf8d527e81eca41266d83d1d406c2b9bca7ecefa218bd60d3d258dc03b4f3e6c10d5ff27d7f400ce1a60dc66448a911367402e01b5c45cc77726

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bbba934c263f50a3dbe7690cc31bbc94

    SHA1

    0ec54c273035be4a214e217032680cb170f6440a

    SHA256

    a0c481bb547b4342d226e56a11e7aef98847160467579cd5601527ef15328308

    SHA512

    8dac79903f0a3bf220f1d65b75182bc7771febaa047d79571dd28033b20c1624bd514f240d0047c9f810d13957f3d382622ac10dc0fabbcbda95b1516faa1bd9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    151bde5c872760d561c4cd74d32a837c

    SHA1

    17f00c842f710daa86ed522dc2f42c56cc31b632

    SHA256

    9f13f201a527a514c574edb25e6254747c4441d6239e94c00cf8c54605df763f

    SHA512

    d7b8de32c5534e721016ba9975b39c1a1a5ed1a410192836e9eada2c6a3213c051c63bec30e096e64eb97365dbbe7705aaf9cbea7bdceda0bab7a2ee4310ec19

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d6eb503d6eb9294e38e471dea631d1f2

    SHA1

    1fae6406d844b55a541eec45ad336dbc0316adf2

    SHA256

    b0a08752cadf958e34bb70a1cbf6b59bd5e9e119cc60aeb7cb38c7558708ef6c

    SHA512

    974e29b1d9c5f68c0af90478895396d73dc9871b46f3a523084ba64a6474d5ea6e25610a1da9d0587cce7e084e01695cca89ad997eda6463c8c7b3c4f8cb655d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f04450080a8fe3bc84e8886b8189cc2b

    SHA1

    46220b64b7d868d865619f5a7bf6d3d642fb58d3

    SHA256

    e114b439173c29365851df014fe29f9adcf453186fb6df0a59b803701db022f9

    SHA512

    f857845588748504719c684eada70d6eb0d4e655737500295a25c0e241c6ab3f549ea160c2f5d77c6b8dabe30fe6f1640b4ca1eca408e8e4e6e11dc8797f262b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be968e93f766b5a2d63cdacad33e0a5d

    SHA1

    67cdafdf9990629c6429a51835a7ecd7a398bad2

    SHA256

    8ac6b062e6aafafde287576c7620c43fe454ad0972fd1a7ac0a3303ac53e72a2

    SHA512

    c282ca9ae11dc4efe5345b17ca079fcd6d04fb7a69d4f0f977c70fc3d0e4f4fbd89df46d3180b612b063af373c6a0aa746c2a5b4d2273ebace02a8177b99ed24

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a2ada6fce1bc0e2735e67d91b673016

    SHA1

    5e75773e593644a9fdf9e6949a7fa7d82907843a

    SHA256

    5072a83be8de6884c74e9f9e050cd5ac9fe0051fe813dbb32ed75ccb1dc1fbad

    SHA512

    6220f980569ce043d7616ddaef12830bb9a0700cb1b6498264d273122d711fd59e964e5e6cf981f098254a175a128b6de950f4ef75999f642958a86e62474f07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c1e8954f71ccda85cfb4de1a8e375b31

    SHA1

    dd1e7d0db3643966b760585aa132fb11ba3ffdfe

    SHA256

    579a6f8cf4e8789a698f1aaf162c2893608d85449119e744f9f202f24fe2b26b

    SHA512

    553fafe7a98629446fc5174a674fe52899ef56822f1357dda5c84fcb0788ae80f52ccc0b592229c8d51db8f7e66932fa4298775857a1b755f21bd1331504f506

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9953.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar99C5.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit