Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

eb994801d2...8.html

windows7-x64

3

eb994801d2...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19/09/2024, 15:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eb994801d2aeb94ade2f8225a3b5396e_JaffaCakes118.html

  • Size

    213KB

  • MD5

    eb994801d2aeb94ade2f8225a3b5396e

  • SHA1

    87a3b437857011ec9e3a42cd2411a249679b1f75

  • SHA256

    7ea1c0f28d807f9c80839b4446816f4e9f874b39a57038323e68243973475687

  • SHA512

    ff13715dbcbbb2dad007a98c5926d0476a02d39400cfd0ab0f6fcaea72a55d4be02f2db25ab5986b57f3105489746a1616d93c40ade81bb94bf02707abc6ee1d

  • SSDEEP

    3072:trhB9CyHxX7Be7iAvtLPbAwuBNKifXTJi:Rz9VxLY7iAVLTBQJli

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\eb994801d2aeb94ade2f8225a3b5396e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2956
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2956 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2996

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd311c044b1cd1e965639b34d9cd8fad

    SHA1

    566dd22a3a20d84448f2d686be296f8e571f9f03

    SHA256

    8bd717619fe3e9f349ea0fcaa46aff56323a952a30a60f0e26bbab4002332dec

    SHA512

    b94c997685eaa5e8c37dc3abd867ad37991d0d01be5b0a5f1a67a411b709035401352c91407054582cc8bd5e10aa52f377d157ab0ed7a35e8a3a06ce846d6f6f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0b2fce7a1c960f63e6e2aa047bd8c33e

    SHA1

    e991daf2a221c07db869b5e394882030e78fb5e2

    SHA256

    3536ed3e6497ded53b6fc025104c010ddf53d59211ac559160771f2bc93b43d7

    SHA512

    a5e0f4d7650b28245e490fed2795dd4e0430a77b0d5dac33f93c742688880f911382a4c3ff350c7121af0a7d2408e3ebf158bdc67704e105360433eff597ce30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5fd96dc048e2deaa126622238052e7d1

    SHA1

    bf7a8c067f39f72893f8872e74151b444a7efbaa

    SHA256

    86c3bf0aaa5597cac56f518bc184ed7b6bfe718b77f0cbad349d2a37ccdc7fbb

    SHA512

    2756d9d51ee350cc960a5949d17719756ed855612b80d632cc4558a3219f678d78e5ec005268477025c677eb310d8b33dd667c4cf61db987d9c7fbf47ad49c34

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a8c0f78ee2f26898205d60338017d24

    SHA1

    e882aaf4f6b1e0c2eea9d8cd4ad4cf0126b8e37f

    SHA256

    57d659326d3911e2270fc0fdec8475fb6d9e36290f6f99e2f973c4d3fdd5cc0e

    SHA512

    a3eec284c024dbeca9b197e5ccdff4e0873cc7fb4136c78bbd56c357996732a04ba36515141481e0387cdfaabbe50d819aeb0dac86b8f245db6fe521eb386027

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c271a292f0f8b05f8b27cd328dd5ad22

    SHA1

    5cea551b59bd3581782786a8d30c6f5342299ab5

    SHA256

    9d0092301162cb1e691da1254907904fe2c0089211ee34119cbd37ed3397b9dd

    SHA512

    e95636e7589c417a3b8a5a5bf81fe82ac793fdb591da8e20ba68ec8dbbaba53015b7e0f8069e3c2aef1ac444e50ee022930bc275448db9f971d668f883c09008

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    614b7eca12af6b6270a6ff571c48241d

    SHA1

    73527637425bc3d6279d31295adac57ad3e13ded

    SHA256

    d87e6bc794b2c84a7644d84257194c6f02fc698e4c801d110b6ecc4fc8a600ad

    SHA512

    a4d0712336dbd48ed9a5d75370c41e971f6f3fca835dcebe18f61a8fa7613b7569ab573370042166371c70d97a746c6cd76cd9a804fd3bdfdf9693fc4e2fc1d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    09d306ef17e38907fd96df3d144053ca

    SHA1

    3ee978fcb95acf303f6a8e2eda5075118b822079

    SHA256

    781910eb83b15b53e7b253e89a639f63a832e4d3e6898728243c0f5b4f36128c

    SHA512

    54fe8bd7231bec10c7e683b61a54ae0d4badb0c12a6ea82a8e0d12f9b5d70ae9534b143c01ead82c4afaa02d1ffd7985f3877c4ac4731831ee6945a493050775

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    00f5a07ff68812c6160a1d5511f1d444

    SHA1

    1ec1a8b187487f11ffbb95358b2f8b41eec62460

    SHA256

    32bc098070d1b013469a9c260916145aa3d81157499b800d03f522efa2a0052d

    SHA512

    0dcc5513c8b09d40cd12e74dd155497088594042c5d348283f77dd228192bd202803754359c0c67f98452047f12fbfb0e0e018ffbde061280b910659f1a2f598

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    85c5eae42cb66096dbd0f7fc019527de

    SHA1

    64095b15181c042f7115a7f1f3e8bad131200375

    SHA256

    74d82fa8512822c57b1d21060e900d84d36cf3c3d8e16ca6a32c7c5dd242443f

    SHA512

    96e7956a2f56cc61c37ce5c8cf6026dbc76ebd12f4bc46437386bb1918b6c95a14fd7998458fc95913b712c08e454cff7f26e78b6ce4ed517276327f9f93008d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3fb77f838ad7c6500a09fe06d64f6184

    SHA1

    c05b1be815e2d7e185861e2fc85562fd57cb7436

    SHA256

    33dc963facf297d50f4d30f8f10580c2544e9451b4d341b914ed261c1b74143b

    SHA512

    921baa74df5d5340e82e6feba253592b643903725dbecbb1cc3b04e8df18d5902be92a3fb5e2fde4f79b64c3bc6ef74adc1c2254ec6da8216eea46b829960a4b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6d1fe9cfdc82a596380feacd64746893

    SHA1

    ee9a8364398971f97ab17398abd713397b533096

    SHA256

    63cb3f03eeeeb0a641cd24d43224443cb98474d5794b204c2f0a8526edba877e

    SHA512

    9d2b102f3f3c7919bd4f4601a9c4cffb99280599cc26f52e9ff14d54894ff3db5e73f86e5abaf416fe031a1549952e4b72686f71558f5c18c54571f5eef6d62e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b6559326ca243301f9f82f74e0594c23

    SHA1

    3e029bcbc87212e528ffb3e1593c569af3089df0

    SHA256

    9f10e5b3f4e45ba456f51d3cbcccb1465068a59b47b4536d27ec31aa79f7ed7b

    SHA512

    88bf9e22c165a402bb0a23c85984fe3f6297d4c8841e172b59bca6f38de6b1143dfd18943b84d7bc7e913b32ac79f11932bd0117099fb12350bf5a722203fb10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eac8f942cfa5a769ad6d03cbcd973fc5

    SHA1

    67cf3b1f0f3de061fb0ec8b57022058bd87c1f05

    SHA256

    0f00c19c95ad396d42dcdab730bf4a00b83a1fac6fd996d7a0680f833a18889b

    SHA512

    aeb6e0785de5bfbab977d64dba51f66c8e830a6b9c0d4b4e57eb494babfed7a45788d3ad431468cb5f441e1aeae711121994927b0dd14e93f3cda8e391799fd8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fc5da9e4e3c23bc0056c0c21cc3b8dff

    SHA1

    831c8fcff251c81560be1facc0b9a61e5f0f7cde

    SHA256

    25c41b74691cac5aab99a0875c2bf9500317c8a45e95483e71bc7de83dd494ac

    SHA512

    901682327cc8396c8cb290af7142ff67a25ad5d0e257c21eeeb719bc99d4007435ddcc3cfe1a315906b5f782596559ac03a26c75aa0abcd73c0d904831f5c30f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f664e4550a2e0ce87edddc71aa01c85

    SHA1

    9114a983c7cc266d7c0e281eaed7b1a7f0970092

    SHA256

    54bec2a63b348145e4342ed914bc85c3b7fb95513320917dbfff03614529d2e2

    SHA512

    e1f302f00a7e7eed7aaf5505a3efb83ec8bd9da752074891443f94fe181d1ad5bb063963a005ec0a8ac90c6de8d22d5b2ffb1cf6b15aa1a5eeafd2ca8c329f1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1de8fadf6bdfa59988e08cf4d4f7f7aa

    SHA1

    3aa36917c3534fdc3813b5a81d1f431119cfcb43

    SHA256

    5f93726ff94553fd07ebd76ea34a2630f6c0ecd5070e95ff110e563d944eb706

    SHA512

    7020feb6c6ba0650671c04a2510a0d7d07d6c55ce48411e0591d51cbb526bf09218c5ae297172b4c9e88ea83f369b397322b4d6b34e293bf82fc80d25d4c83c5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDC5E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDCDD.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit