Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

eb1cf39a7a...8.html

windows7-x64

3

eb1cf39a7a...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    130s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19/09/2024, 10:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eb1cf39a7ac9614d8363523374cbf42c_JaffaCakes118.html

  • Size

    19KB

  • MD5

    eb1cf39a7ac9614d8363523374cbf42c

  • SHA1

    848d3f165b94a631aeb827fa38dd325c2cdadaf6

  • SHA256

    c0303b281ed4a919cdeca2038ce48f96d7798392beb51c9cad93b72f2ef36c6c

  • SHA512

    9957c927ee715f29fd53a88effd10436217d327c75624e8b5232cbe4da8869624c524adfafcc8429d0b7b209728013970fe3ce6dc1c1c3bbce26a0458ea8b790

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAIA40zUnjBh0O82qDB8:SIMd0I5nvHJsv09xDB8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\eb1cf39a7ac9614d8363523374cbf42c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1796
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1796 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2464

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    feb7b770d5af5444d87eccac7715ba75

    SHA1

    5b4170cc8de3cae9a77d7a42358134e81647de9a

    SHA256

    e0c8038371c2431982a01794cd7e0743430d23008a9bbc289a9dc2716cb5001b

    SHA512

    8b50e1796b053a50b9ddfaed87b45d1437295cf0144a908231c5b2e3b98672883f97afba41fc95023692a32ae59d5c60631cac6b93986d163a59560a7a07167e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    05acf8d782647e27d19a87e695f28fcc

    SHA1

    b81811f709fedc3d91f65bb0d23cfb6a6433e7ad

    SHA256

    1e6e0dcf20b924cba44ff05b676c9143eec0f1bc4cdf4a6bd8b83ad32b591a22

    SHA512

    fef12b735bf24648898bfac82d06ce01b4c0af1275c413ad1a6622646ca943fa10a3c4897d22f32bc123031d0c6f528732d906cafc4a3ed6f17fd5c7109d030a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    72d4beb878e5e42afe33160c83f37cb1

    SHA1

    64bd60de67738f8997b74527f095c1f024628a66

    SHA256

    378a78eca68298fd3b90457883114d2ee22c9af280bb6bf7936ca5a90c2e37ec

    SHA512

    74afe07eaddef4f3d8754ec4011a109212abf6e08b21a514e42b3ea5596a1953c2a5d3e2d78472db0a1f1bdb18ad94faa502bea548f8f8b471980b6e76ac12ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2a47b5ba2698752a9f2af3ef72c36210

    SHA1

    1a2fe998887cf1d9e080416fa9e4d923a0089839

    SHA256

    f160d34fec9bcf5429397dd9d897a2b8ec02a55ff6059cda1e250242ffff6ffc

    SHA512

    954530914523423344a6b31a924c9a7a2b55e6b2ecfd1bdfe2ccce18a221617e45e1ec621137ae42d7299fb09d06550cdd1fb75a8ea7c0ba4da7173e5d62f699

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd1f06ce2fcd242e136c8f05a6e33fba

    SHA1

    d1bdfd9b29aafd7c283839d7916a71736e7c6ff2

    SHA256

    b83d29e1a1f179b75ad02ee5f3c54133aee9c1bf151cb4b8b5dff03da49004a4

    SHA512

    e561af575f3eb59e48e4b0a6ffd3bb7fba6b886357affe63370be61bb33348cbf17d6f56dbef96584281bdab62b864315fe8603918bab62d517e39aade40c004

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0e39d4bbdba1ad9a5b3ad240875a1ecb

    SHA1

    69ef2ff433905afb1f29e14abfa32a6c7a265952

    SHA256

    f7c1b817c4a252857b83f156f6696aa16490041dd9ae6c6af9a92c73d7ecb5a7

    SHA512

    3ace93a737a40d5740e0aab53a858281fba925d46e4e745ccc76827e828445960fa895f8a813228aef34ece3920d9991e136b7bbc64395f2687f7d3afefcef36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    791b39daec4aa2e3d2cdbeb82f78211a

    SHA1

    5b842fddebeb2dc79a242d6d47b82d70f7883016

    SHA256

    a58d74b4fc48062472510957fb23faeb88207829d2b08374a09bf720d9baee64

    SHA512

    f746f0a1638440ac42cec122075a5b1a439bc72bf237aef99b173626c65b4b643e6f2dcfe8be9849831e15bf1578285c1746d2b9552fc6f2079808d584dc6aea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    73b9b0ea5acc21c876533e1a4a55de94

    SHA1

    656d224a2b0426ed273c05f158c49b7933f03a8f

    SHA256

    9a3c355d5d2cc4c9d4b0d5d3df200f7f23568ebe74e06a042ef1a001a8494f83

    SHA512

    05b4ea43971bb5e76f80dfe60a7690f8897a49cf1dda50b7d5284b52c4f238a1927f511eb4c2dbd7d89815b561531b491bffb1895e90fda00052365828adb5f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    70eec4e4ba3e232a65a6d69c14349ca1

    SHA1

    d96cdb1c0c0b5d43068fd7a46eadeaf756c747c8

    SHA256

    9644b2eaed419624cc5f5e4f142dd1e446437a31bd0913b16a0ac1371c11304c

    SHA512

    a57fdb59dd4f90e8e2fcd2ea07ad9531978b7f84d972683febd293b1b6091d9417084fb8ca1207c682df717c00847f1d8c500908df2be72d21e5d7160f46abcf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD98F.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDA0F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit