Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

eb6211b465...8.html

windows7-x64

3

eb6211b465...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    140s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19/09/2024, 12:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eb6211b4655b3c77a7b3c7b408b38369_JaffaCakes118.html

  • Size

    34KB

  • MD5

    eb6211b4655b3c77a7b3c7b408b38369

  • SHA1

    7143f9953d165708185ed2ce7b36a81bb83a2544

  • SHA256

    5c3ba57105d43f62997f10dd1f160335586fea7e585a586964eb55e6feb772b6

  • SHA512

    788110fbad3c64baefd2f008515b1f51ff32e6203492a0237af03a01681e4e56675b107bda8c6ea90bce82c3e359133214f4de6069c51dc38d64faa4458e7e7b

  • SSDEEP

    768:e7EpFwSXe6eDewe7eIeygjI1uhCJC3CNChCICrC/CvCPJExBq0Z24HLx8lFAFn:ewpFwSuDqtClpjIqEWmyP84yiJ4q0Z2o

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\eb6211b4655b3c77a7b3c7b408b38369_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2116
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2116 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2900

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    88092b2bd845af2b791145077a9bd3be

    SHA1

    2f7251499741b47ee5cc81f52e52aa261a3a7c7f

    SHA256

    f2814777de1dcddd86ff22bd46c51011a2298d2d66e017ac9380300b10b1536f

    SHA512

    db0c54b2e605096a1da5ce9521d891fc0d41e73a86ac3d9f891e38f3e7f6f5de2270e778c8a91bac5983aeaf531a0a0ad1833f362bfd42deafb790f9b81d6cef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f8698a99eabfa4b8571fd2d1338735e5

    SHA1

    35efbf475930354e42b2210660ab4f454ba5c035

    SHA256

    a3ea2ae293b12d22ec7d4d4e1de82bac4394435258aafc6390d7e455a32a673e

    SHA512

    9df5442dd567bb25a8f3ad095ae385decf23764dd90c4cfa3044cdfa82494cf52bd6080972379281c73fe90edae1032f45fd78e365f38d02ba16e5f925ed5df3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d9ed756713c53cde978ce31d815b880c

    SHA1

    544b3b1bd406a166512865583be08e9a5cc7dd51

    SHA256

    d7d35d28fe9def859f918e84578a3bc52717713c933224e62bd36543cef60dbc

    SHA512

    b1f3c06f70ae10b5df34fc85224b0cca4b953150c8e8ac44550fc4ddd6b6d907bb55555bf6f693d4f7c1f33826032cb229f3e768c1e19941741967b1f4478de5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d764f33553916f6204333a2a5a780510

    SHA1

    57b3ef1e833210c2f0d514291a0dbe42cf21d5ca

    SHA256

    f8b15cb112d4bc92895fea9c71be4df9acdc9a3213f913efc8d1d6480a2b0581

    SHA512

    6232b68ac7a130e9fd83c2765d68644d8c94f3ff621f704d7ce82b45a6cdb84afc9855a4a998bcbd3ba8182abd7afdc8a907178bcd4a2cf0d3e5b9f853af6e0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f94c60ab24c8e8c6589a7aa4f38b11a

    SHA1

    98dbc1fc24b5e54e7c8966e53c2a564268785c1d

    SHA256

    63dac16818a33a379a59b4dc48945dc4e172fd30c952e4548a3ff87d979b61ba

    SHA512

    f7bbb81164f39ac2f0fd5a9408e12c1d64b87c21de223b2c6bcb87f63e2a9543105f716c1dde3e6cd0c0abc01bb8e0c8271663fc51e654e18a7d68ad910b9d79

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e7f643b8697f5c66d0eaaa3fb2434c3d

    SHA1

    06e8d659565046ba72adcc8fec6fbb32f411fa65

    SHA256

    62a487dde47c12c98653a13c3c032fcba3a7234b9fc77bd87c4e8bcd8e8e9336

    SHA512

    e7e6ce49fd8727f700701a644406e63d89a6fbc2a717554d7840c9c63fe9667ea54043a7564af71412b32a4b241e5ceca895ff41265dbbf84d537e37f4d39779

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    81eb7bf1854a4524d57e3de40d2eed6b

    SHA1

    d37eda526ed1de204d5a5b1ff21725a840ba44dd

    SHA256

    7c9ec97c48f2aba1367b89725384b68794875592cdde8d8b812285ebf544c918

    SHA512

    de1f0575be1bc2db7a7ce1e87935721cd86a4f6c80964c6336465a91d98d1baf0f608897a47ef7aa6e97e493792e389182a3d1eeb6ea609b10d62e367e0746ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fc6c8530eecfc012304705934d6d96b2

    SHA1

    1bcd8e196fa3cdc9558d56542324c1a093e27494

    SHA256

    049f930b7abeea86511db2d51a7b38a3060ac64bd041b75e33abf23385a10225

    SHA512

    3393becde46b15f2a1083ef139f37be679aa558c0c55ebb570ea5a7200a54d7023a88c43d127bab7f74eb0e8bb60a5b222d837c596fe79bf3e4d41e1f450b07d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a679ed4034542a9c37dacfa8541d035

    SHA1

    2467c418eb4cbeb679a7806d6291b00e9b4f4c1d

    SHA256

    3cd7092353ac2784487dcf3c6d1087c152d9077d373da651ffb311b3df670dad

    SHA512

    24300ba99979befa7d5dde19f77133cf86c60437047e8415a8246b869b66a35fd1070e2c3070426cc3181f20979a6d8594534fade576f24bfa5392e11e92018e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cb1797edcc1b9d3fe35511ce12ff513d

    SHA1

    3be379f5f6718cd75865d6697ac41e987d4fea3e

    SHA256

    9eba8d743d77655c90c41ea9336ad9cf095bc750360bf6b2ad4a48d19f3b5170

    SHA512

    aa26f855e75d6681b139c0bc066bfa64a3c50a9e9aa70087d8ff864d13d7d014b31bbe5403eb357010be5908892eca938badcb76a20ecb41f357f62b3d55bb7e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    610ee6ea72c27d6b0fcbc4e59d61a561

    SHA1

    e5cc4554b5f2688e87b21023ce09d7ca3ab4b395

    SHA256

    1d27ee8c54a0e55104138c3a3802b325ffe84ed51c4e9ae4d0d0c1ed999b543e

    SHA512

    695268d0ead1c14fd6ae895ec78495f3c149eb66d8596ad064df9409a0aafbdacb15ee854a52f9f280aa05d8e6c400d846db53744bf4c1b8b3849d14265a4f80

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab24C2.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar24C3.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit