Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

ebac3ae383...8.html

windows7-x64

3

ebac3ae383...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    136s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19/09/2024, 15:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ebac3ae3838cc3aab9ed54d6c8f19e41_JaffaCakes118.html

  • Size

    70KB

  • MD5

    ebac3ae3838cc3aab9ed54d6c8f19e41

  • SHA1

    85b8beb2f487cd8e2eed09c96d4a0975a4373f07

  • SHA256

    4e87d69ea139e03d67a8b0bcd18a9111aa00f5bc5700288e6c407da8340aeaaf

  • SHA512

    194eddc9d7d164c508fde0d6b4d8599fe6aa431bdb934a878813c6e4da2d0d6fa018b0a74f4ce3715e698f6d2db9e9d9839966e3552e5f085b86162363be65c5

  • SSDEEP

    768:Jiy0gcMiR3sI2PDDnX0g6sy60RazFaOUuoTyS1wCZkoTyMdtbBnfBgN8/lboi2hX:Jtgo/CTzNen0tbrga94hcuNnQC

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ebac3ae3838cc3aab9ed54d6c8f19e41_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2328
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2328 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1464

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9acbc72bc353ff2f406c0ecd73ba8d3e

    SHA1

    256416ba9bfee8505bc3a3036f87b54913288101

    SHA256

    debd18dddb4cfe7ff6fd2cad280a3979ee517bfb5d8a3f9b976488b3c29bfc43

    SHA512

    08ea429a39cc3a5238e29c9e459a8476d4cbcdc32c8401ff8b9cc2eee11f1acae12a68525af2c0f15860b44b549cc52d50be3b27d2b7b6442e3d1cbe79792806

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3615ae2baf36c898346dcfebfa94dec9

    SHA1

    156fff879bf23775b96f8a4aadb699c7c2a7549c

    SHA256

    92cd9ec31c368d348152da6ee7c48071c257b324eeee33bba3cc6b0f3b288324

    SHA512

    fbb8872af715a2ab68e0a60eda799c590121c0e91d419c4d893377a36f28e449da65c43f2f6cddaa234155c1a75690b2bb2078ce5ab823a9a089ca477163bbb2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ff4908c4d2714f85cafe88d6cbdf74d4

    SHA1

    e36d227bee5a97d8a81aea08514ca1f5601a26a6

    SHA256

    8a3c7b0cd059c789d101ff5d622c0a402c8f5be2c688f969de7afc09d15b6325

    SHA512

    3e6862c6bf0f532326e0d1139f3aca1cf930b8ab007e9292e7fb2fe9c17c707d3aea4f0db9cf13bdda78a03611d48c49b54c7f526a3a62855416725f5093c093

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    963e67ca9f8c9bc36fc352eafd9ff758

    SHA1

    d9538595dcabf115f3dc01d2b51af255ccb3ff53

    SHA256

    2b537caeff0ed3bffc91df32615e2584e207fabcf12cb9d241cdc896b1a5c77a

    SHA512

    249a577c849dd7a727b6689cae1d178cdb5ace956f7ea5927e4ef37430729dd4a1c5576b86ccbfcb14018d7a2d62a0bde1bf31b1f546a1078abd49cf99820545

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fbf40634415db15e0eb22db94cb1d77f

    SHA1

    8dc95e90b337a412d311a157b515b4a4c021fcbd

    SHA256

    d36828b42ca52c3b221c8ef36705c735274b5d22c47a329fd104c56cb04add2d

    SHA512

    9304e51d0e4f01b457b22a29062afc73d5d18241cfa80a427101d3e38179191c5235426af9319a36f70ee56ad0329829e22ee7e5accb535d5847ba17fe704511

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    41df9b0d3334f0f67f4bf09d033b57e4

    SHA1

    9e29a76de83483b2c48624447fb6e4077abe4a46

    SHA256

    8405c1c97408b216cf3703cb98c1aa97ab1f51263c4086b4a3266d7441ff06cb

    SHA512

    15407db4066f4d6186e4eeb738f712e7f902748bc7945dc346a8c71b159ebb74db0804281f718d8708c82d6cc7bbd2c521874be06650578f2397a88bab3d344f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b6b9bd2eaca79444ae0fa989ce2a2bc5

    SHA1

    4acb8f101ab00d8e38596bcf2fea7bbafd29009a

    SHA256

    b4d3be619f98137def82d9b55169308e5dc798da12a87b44bbfa9e2fed2b3453

    SHA512

    46134a3a7ec50ed6462de5039dd2618c7cccf8b9fdb0837108b45a4b1c45d4b0e58a067b5841124a329059d3a813c011b18a506c8d57812a37b338fefef7bd77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a264f44bafa6b0d787721d7e0d3b2318

    SHA1

    efec30f6f63eb61cdf230b7df71039b947836837

    SHA256

    7adb1db58c7784854c6d9adbf0edcd078313464cd2f28a1f87f34a9517ca0669

    SHA512

    82b428ac0beeb872a8ed3cdc577d31158fe122320aaa120ab3d8d8367308ff9b1bd340bf25fd0be27cafa47283c63ec859fabc52ce963f4c4d8783e7c1765aba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    17594d6c542a38ef77724b2f65bf2f65

    SHA1

    f145641cf8418d7115423d22b9258a5addf65610

    SHA256

    658d065d266238043c3e67c90ebea47b80e4dc2ce8ccef843fa5cc1af0268565

    SHA512

    b8b4403ef9d766fb5a0356f3dde64bec7aca94962bac97e917601c2253c5dd7a3ba7c7584ede6fd7c1076a125441fcdc817b2d28fcef475578c2306883226aab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b24189e2ce887e3b80daea58af951cde

    SHA1

    6e613911de593c077db6160ca19cec369f8879be

    SHA256

    fc16ba2cf24abefd82c68cc2f6112d30e562576782a68ca0b0eec467659df414

    SHA512

    9d48213c04b58e45732103c3a58dd16e74a0b9ad2ba6277b64db5e98f524059c3f9ecad243081f4cdce8a9753cc2e72ca901f5df46197db49856727b0698eeab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4b4068779949705c044b06bee4a842d8

    SHA1

    f5d62818eec0fde3f1d1cf925ee9877ed762dc03

    SHA256

    8b1ab0488ad56a6a3002cd8d456b7a8ba4c918f3788381507832a8336b3fc4f3

    SHA512

    addc7c0e5fc8b741e72f849a13e5933f3a6e67b00a93742de2869c2b4537228708eed379787a7185b4fb295fdf7e294830d9b7ae1c27e212bf4650bbca8e9cd7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    962410548f20936df0e7e6f55103416a

    SHA1

    b40b33ed3d28b65eb9974926c6433a46985360ed

    SHA256

    fa82d4642114ce91e24111c484214bb0f1b2c6cb81260969f175a31420596cde

    SHA512

    dcd335d63ddead5d7dabf50d2966114908b68718c0210b1338ccb42b7e4482cd81ca767c7c86ac91b9bf466ed2fc2c311bcad7f0ece9e47fe7256d282df5726e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3d2ff3237acd5bfd0e59267e9af93254

    SHA1

    e72d4728347054af299aab6ac7e12d168520ae4f

    SHA256

    9a2a3425c21b9aa3817f0aabac31cc65d181a6dddd84beae2feb400b290c4145

    SHA512

    21de07374f37b2ba5ad5e05059660a937eee68d882dcbcb37e84bcdd7e14d346dae76cd1f75437a095e02ef6f4bd3f661b8e87448368c925b5e3f330e48fd9c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7bad4c341859b6ba709f4cc625f6440b

    SHA1

    555673961fb7d096fb09263c5b454d5e936d54ae

    SHA256

    a696926d4966c4b7deb2e3b24a6924574e4e5567a38109651da38149ff39eab3

    SHA512

    01e67824509aa3bd56547e5f923ebb7b41331eb17092139d42c1c5baefd646edea586a87760bd065449614b08e8b7844a6af2ee719d81a5bcccd2e9ae6b4dcb5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c4f42abcb4c303f121b52b6168743c43

    SHA1

    7936202294945f4c5a84aa64689adb5e1a339425

    SHA256

    b39ed0db355ff5db5879b80a1231c46c510b868b04b36b54f355f266133b93bd

    SHA512

    a128bc85056fdedc8fd08694260a4e81fd98ea2bf72ab77b63bfbaacecfb0d7becd8073b6a3dc9fa79c2e440ad0a2e8341783ddde1471a58337da0b40f71d744

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9cdffab2205d6214e3670cf609793827

    SHA1

    b1d87067186c10825a33b089b91bf26c31e73590

    SHA256

    98eaf8de04ee2b01043aca1116b96eb3e751dac2ce1321ae7e7c494737606b50

    SHA512

    4340ba2afafc12d2725d3bbd75dcd8e8b9d4c358a34dab3343d715d795ee8cecb9815a4321a838cc398f4dd702a624c801d799e1574cc669c1dfa0f58058682f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF460.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF4D0.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit