Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

eb480553df...8.html

windows7-x64

6

eb480553df...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    129s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19/09/2024, 11:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eb480553dfb0a9ac3455bfb78ca765b8_JaffaCakes118.html

  • Size

    1.6MB

  • MD5

    eb480553dfb0a9ac3455bfb78ca765b8

  • SHA1

    5cd7ef47a0d4c6311d026150c7b5a0cd223b86a6

  • SHA256

    bae00e9ff1b1da597e3fb591cb4ba96639ef5270688d775c3907effe0a380e07

  • SHA512

    1d68d447dca220a8e912ac0ec425122fb4c98bf6715b3da3937588a71f395d6c2ce5d03dfccdaf1d971e21ef7e34cd5e08a1935a88b03283c7f23317cc81f155

  • SSDEEP

    24576:q+j+P+G+g+h+y+j+PP+C9+L+t+k+m+/+L:n

Score
6/10
discovery

Malware Config

Signatures

  • Enumerates connected drives 3 TTPs 23 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\eb480553dfb0a9ac3455bfb78ca765b8_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2368
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2368 CREDAT:275457 /prefetch:2
      2⤵
      • Enumerates connected drives
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2700

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    769fc1bb06bd2d70b27b2cfb3573f067

    SHA1

    41258acb7ea30871f2404307e9216efc8f49537f

    SHA256

    ad715c3e2e30b89a354b5d94d1ac7ea19d6615ca6cd106a35456296a4919a8e6

    SHA512

    fcf6e5274c4896373a4a5de5d6520417c14da599d7d6f4c490f7e17225bb7ae191c5f334055e7697d6b16c51d385b3251bc2c51cb6f796332842d4623514632b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4236a45f2b24bac8d00ce8344e5fb5f4

    SHA1

    05d637feb8bc547da8c600a46497570a150feca0

    SHA256

    26dcd09553c69369a8d5d306076276c75b34ef83bfa54bd728f2bc74f90105e5

    SHA512

    1956800ff7926ed8b71c5804a243d6fc66f5233cf2d0b6602591990b88a7d9055f97970b1efc56f1f98bfc8150996f41b03aaa1f07c6de7df79641087dbf28c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d07b27b9e6a7dd8032d9abe36e6cc20

    SHA1

    e8ea0531d7e6bba887947bec6728e5c74dbe85e5

    SHA256

    c786a635dac65bda669751aeb6302020544c1bac0f22de3a75faa3742015930c

    SHA512

    c9065aa6547f9be17cd1294c88f27aadd0e64ce5ceba64297a651f58e0e76f3ab2d7cc7b234e0ab8483ed99d678d56c92713aab73d7d03895c748123de80a20f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a0006d9619bb46b2a8109bc970b5f40

    SHA1

    5994e7ca90b7ae4ce6a29872100dde54d462126f

    SHA256

    e32dcb4c24ea535f944c66fe852d3e3e9cdb67664369281a56bea9e87e838cf6

    SHA512

    77df3dfdfe52b8a9fe5b2d27b4071d08c65c1c9cc4c78f976854b8c9a294bd4809d7462248a07e3583ab5175906134f9ab4e58166645216645b666c333564353

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    36452cb4cbe6e89e449d1dc65cb547c6

    SHA1

    cfdf989cc30401ea3fca0d0df0fdd24043dcf094

    SHA256

    fa61c05b00b92a3e285709395628af566639acd5df5738f0939a06e6c45dd405

    SHA512

    ca3fe3429e8c2386a88306bfe1b29398b1da472b902a8751c66d5e5db7a6b169f417bd3a5c107a24286305cc7d05914722c5935becfbdb38915fffa45573e682

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    70be8f6f27efc67cdf7113597760facf

    SHA1

    965efe9e60d0431adc8c45ebe118e7c34383264a

    SHA256

    aedc3a465bfbe161f5a93122f9586bf989a2ec7b297bb3101998f422d240ffc5

    SHA512

    86bc91b894e6b2ec93e7d6f49426a46f1ee64b1e3f405afc126c8f6404f90f075b432cdf883509f83f3a5b9ec6de2a6e114bb3a0db836ad8d1b7528b154d0cfe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df190b2f038e96babd82f5ab58195806

    SHA1

    ceaca9cb2fa1c97bb1270cbf4ab888226d05d756

    SHA256

    844bc8d262a166d56149bb4fd63ce82af522e51aa33a37329655542f9b11d9e7

    SHA512

    d32d1a3931067259bd008d53853f681ce6ff807ef6d61c9d40b875508cb7eeb165ebebb3a6ae190f91887ea9f0b2890eb5017e40be757d20c661e01bdd521675

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ee911a86be50dffc6d80b459051ec6a

    SHA1

    48a8bcecec159a595666c44bc0e19e4aa0505343

    SHA256

    127be74da4facfdb32c20d0b1d9d1f35307d62f8ac6607601a8340bc5f9f061f

    SHA512

    74c068a45b3f08dca035eb77a781be84b954c45c8ecae867ac4efde5c36a3247f766c4d85e76ae36ae45ae2af3b27dceb4547f085651265ea3b35fe27f97b99c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    070162dd7a79110221749ccc66cd6a6b

    SHA1

    c3c4a7c9848fdd544465bcbce76ec9e39365f192

    SHA256

    c9378087ebc69775e7c1be193199ae2131e8e791e061f2beec4785a267e54666

    SHA512

    c91aedd988fa44e8d810e1277cf5842264320bfea2c4dc6c179f2fe1e77e88ffd18a35348792605431da9533503259b727609f05253259fe5993f5b34aa0376f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e1ebfd6af09f5fdfd32967e20c821ff3

    SHA1

    6087931efe5717a141da69bf4717d40c8e2bffa4

    SHA256

    a1e6d8b6966193932fb008d172e9f7f9b5f7652ad31b9f19efbb620168fba2ac

    SHA512

    6645774792320eabeb702250cbe9abb8491224ed710195b2418a72215582ff1a78290411abe3fc943b65ccbead7d71014d138047c8b046558c1e50c9f6b9a2a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1bbd5b5fae0cfa2ec3c94ecb378e5f22

    SHA1

    e113482191103e8ebecb139b50a49063a52da950

    SHA256

    c3fefd6f9fd896d57bdabe62009ea204f5302420b544ba921c5e2cd0f73fab88

    SHA512

    06a335f985525fc3fe46ec828142f741c5dc7984e1ae929a9e3fdabfc2b533efb39c691106124ac2639cc50177c587160ee1a305b8c87d8f9fe332af70f78f03

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56KJ964X\btn_srch[1].htm
    Filesize

    133B

    MD5

    314417833b0d327beccab7cb68cd4f7c

    SHA1

    f6bed9edc9ed8e9ff928194670f5ec3eda2763e3

    SHA256

    37ed866abc19465aa2172d651bbd3ffe2836add54ba3065ff7189f1a75410d9f

    SHA512

    c8645c0528d9b7309b2d6870f8250384654db64fc605667aabdc26d8429a1d03d3306a3082b22afff395d2e1669317dee96f9c6dd839ca440283cb2fe1a223ff

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3268.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3269.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit