Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

ebcc109b90...8.html

windows7-x64

3

ebcc109b90...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19/09/2024, 17:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ebcc109b908cf1d822ddfed94190296a_JaffaCakes118.html

  • Size

    64KB

  • MD5

    ebcc109b908cf1d822ddfed94190296a

  • SHA1

    8c0c21cfd9932cf2965242e3ba99f38821d324e9

  • SHA256

    050941a9f6ee0bb20ab2fe956197632916ea40257ac063d2ef0dbe36380f911d

  • SHA512

    1bd395ca467055a4501bb220b852cdf5deeee61019e62fcb5b6c78526b63b6aff015e0067b5c8413abf2695bd7b512bead000070fb2a5bcdc3062d885f6ec1d2

  • SSDEEP

    384:pQ/qpPPkh4JlLDSpbiF1JvmP2DHIskDln+5udtaN7subADyfntwewX4cjfeyjOL:37LubiFPvmAeQD7ayfme5cBjM

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ebcc109b908cf1d822ddfed94190296a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2100
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2100 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2628

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a1a591b1fe6e6b29017d18c9a3635aae

    SHA1

    629b4158afea777afaee0a821031ea50ff51943e

    SHA256

    270e8a4389a6a4b36ea0d797f8489e646d3241080497aad2541b96e5a7b8dfc4

    SHA512

    30935527babed7c6ab84867a05a88ae4ddf34be92bd79f0fb34d0f1c57a666a04055110e5217711f966dff05bbcf40afb2c573456d6df2eb65757ee4b4c7a0e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d4eeb45bea986ede4a0fb853019acfb1

    SHA1

    0693b17f50ea89a53ee64d4e9387b083e098ff80

    SHA256

    5505a8a0d91e82630be89664a258fec3759bcbd11359bc3bf5d1f29519fbc245

    SHA512

    0204f9d93ec270d89d48ee71c2ecc6a140e3b52fe2c707e70c208c1a701e8ec7fb7753cdb87f152128e8b8db1b390e1b64417db380d34f08bdfc4a293b620c84

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c92b7fdf1b8531e2940483da7d65ccb

    SHA1

    d0888e27f11c49c445d42e618130cb8f4a9e71d0

    SHA256

    dd0b59839dde1e9304795fd9c200a40a0b65dfd65ae4a84fbed8c305273e72c1

    SHA512

    56733fad6afe974adee90e83bf87e44dc894a4692e8530d1cc4277192330695d3c11e54a50a484668afb90966b1f7972a864dde248f63bf180331cf3a41ece43

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    86e59e2f5827a4dc8605a1b1239c5b4f

    SHA1

    9aa1be523a8ddb36d3e1da54ba9b65e28fc4314b

    SHA256

    fb9760cc3c9df82aad00258b52dd0ae412668ee13b98f38a96a36c45949a0d84

    SHA512

    2721ce4c7748a6ba2bfe285231db5377f152f1d12186a4ea99742bba5eb630ec816989940ce71e5672993f715925f793a0a1320ec6e6dbcdc22bb31aeb0c68dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cf58248594c2852efdd18a789b08d559

    SHA1

    58b24a308e078b19e402b0418bbad7c80b7a859e

    SHA256

    bad87fcd0082a8b50274f034ef483ccd21c4ae67739d78b32fd9a5b23222cc73

    SHA512

    832bdb2b4a6f5b8119d9be2dcdd3d9149c71914b19b6fe8f70776078ac4af7598969eee8aaa72afb519775d345681b846ef3d6facf8b878af457d03de3a8603d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1034c5a0fefb5202a447c9ae36d48ff9

    SHA1

    4ad2d4c0ba997541db6b08beb5d1e39076363123

    SHA256

    257d67dccd9a6649c4ec69808a1473f82a3bb16d866facc6f50e5f704230a36a

    SHA512

    6f87d9e6bb989ea5a6fa603ea1431fa17e427cc1e3d0b1be2f5982ea6adac64fdd7d32081bf7d052b81288359d5beededf0e4dcaa922951478782c8edcd41559

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7519cf678ab5ad86379a3863df1c9647

    SHA1

    21d937a3d981640188769f973f37f826ac05faa3

    SHA256

    6f5897a19a89e7257581898eabb980663af7fe3eee2a10ade7aba8b78c357464

    SHA512

    d7a1916b08d71a8db1c70a59468d26e9ad7663f9dacd0d8351685ab00ce58216b81e2884c61ee577a9dcf9785d18d92677bd9ec6e46d049e509840817b30f79d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dc549818fe8404778fa3fce1cf45d28f

    SHA1

    c1cf5ce775d23af7d1e65692ff6dae81bf82dfdb

    SHA256

    266f8aa5f44a4586dee80b84459eee391ab25ddc70606b86920f3d67fed849a9

    SHA512

    f270cede64fdb30f793a81710fca8ef85e112f2f362af5cf30f63bc1e359be59c5aa57b9ff270dc1bc35e2e0402d38c2abf3373b49532e4128ef1b9495532273

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0342b6855d6b3229a302ec8b711c985b

    SHA1

    ab38551118d92f57f75631aefe9d37b4d71563fb

    SHA256

    516f0899bbea1acd44bd82bdd67bd08a7bec3d321fe4756468bb4b4f19b12a88

    SHA512

    574fd1ef9dd0ebb163f9f3d8e798f1c1297c4aa64e2e6eb13af90257cccc0221369c094a218e8f304f2d1bc46b120145a25025864209f31247cbab3030fd724e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6f5c29b61a34fab7f746a40280e59b5c

    SHA1

    78c976c75afebfd0c7b555951ddd910658aba56a

    SHA256

    3df9c94eb4093547363f7068877133f322cbed28c4328c97df0cf9a6da03177f

    SHA512

    cc4a8ea7d358161fcfd8fcceee357fe47ad24d78f67754496d67bd13f45b8cb13c859e8468374dbd9d53d69031c71adcb0f5207b3a7349653feba56395605956

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1A09.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1E8E.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit