Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

ebfa40f10a...8.html

windows7-x64

3

ebfa40f10a...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    138s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19/09/2024, 18:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ebfa40f10a5a6ff51b5354d3dc1e8abe_JaffaCakes118.html

  • Size

    67KB

  • MD5

    ebfa40f10a5a6ff51b5354d3dc1e8abe

  • SHA1

    fc89843e23db08429a9e743cf7831f6a0e63a5ab

  • SHA256

    1e4fa0f6c628d3b99c3f638171c26b9b30bcb08d108d2f18977c2253ed2c7736

  • SHA512

    7a3bff4cdc620ff3230ac92c31b9e9880f901db8be47cfd562e1d201af454ad14b4165cb495153fbddc01bb9eaab5a65cdae74beae7fbabbfea32fb488d97457

  • SSDEEP

    768:JiegcMiR3sI2PDDnX0g6SDD7oTyS1wCZkoTyMdtbBnfBgN8/lboi2hcpQFVG8s/k:JgeTzNen0tbrga94hcuNnQC

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ebfa40f10a5a6ff51b5354d3dc1e8abe_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1840
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1840 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3016

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2610d04d7dc42c9b9b85ce26e1bc77ec

    SHA1

    b29d364667d4fe4bbd329011763ce8f27c362b19

    SHA256

    9a30dccc77aa433631b06a1ac19b071edcc54df07c5cd446c16f13a7a9d1cb70

    SHA512

    c8ecb66037033f53d01431b034cdf85ec55f4b6940d3c1dd430f8d860db6df2a43ae4dc2824e6d737891bf175d3241e0a11731f89ea1a418e0d8bde1fea5ccd6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f9fcf286ec906b1a0b5103760a0c1fa6

    SHA1

    12f669a7e230d2d01b376e48be433eafdd3b9191

    SHA256

    d3aca9dfd3b99b5f439afb5129e2a95fb0fc3fd7e584493b42ba2a403eff02ba

    SHA512

    78e3f09c0afcd36a84cf52652bf936b775c2550ba56b0317e616ad63329497b0017c5d57be2a66da6b63970f049dd9ec340ef71c13c2ed074f54fbf3ee0840cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    82c0f5599ec710d2e23cbddbc17c7bf2

    SHA1

    2e37b77d00948d2ab4c66b1ee0d271aad41138b6

    SHA256

    61bb1dc8c312823bfebeee68e88bdd9ad6bded64c81d2997108f7b91b8d058b2

    SHA512

    bdb83aa07686ae77de7f7c9ca20580dc021a717e0f58618e455eb0d40946ce1a3a213063cfbf8647defd129246e2bcd2690648554363702cc2d9cc39fba24472

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ee6ec105c3ba53441a1abfe4bd9a27ed

    SHA1

    0f48c43dd4461f418ef2e8469723bb965b7c58ac

    SHA256

    51614e53b19429aba466235c8c0365c184fdbca41b23d6fb1b99bc357a93d536

    SHA512

    ac5f0a28feaf2df225c32023d4c50683ba6768b3399e7d101cc4424f6a8b0a384d3b452125f96667347860d4f0e6b75dfecdc4bd02208992d3ad304578c12e47

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a704125404f4d3ed318047202e97c24c

    SHA1

    6c82ad1346941d8584fa143001e81c0fba770a43

    SHA256

    a0562322c6fc00355ab51d55ba5cf5e1d74c494b6bc0056eb4f749d9c098bfda

    SHA512

    118a19d8cd27a890374d28f9992e04d877b0d6331d795a28e7bfbeca93152960adb7ecd742829708c48c5d09775995443aa3a60c936e17453f2fc5d029c65d87

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    190a68be9be97f1b7adb90ff2a367f59

    SHA1

    108da9978d1352f65dd6b03787094dfbe52ed0b6

    SHA256

    807df3c661964bb66ead672d7702d31fad545210568added66fbd37472bc754c

    SHA512

    23f41af9063f6256c34920689d172a7da99aa6084a8f11ca019a40b39df5142a68d88dfc2b1aa86a90182131ab34b8b6e05e2474ec421e037e2e00e574d0ab7d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fddcec9ddff1bfca1c8eb28ccdd8a0c0

    SHA1

    08d4e221595b11783499c6d9661f6a1dff8a00a0

    SHA256

    0a0194b97bd384410f51afdb876ccc92b3f331d36816c19bc8521937a5d3c065

    SHA512

    2b7aa237874abbca07e743b5cb47340b674f7defdba11849003ee3aff650bd4b00e81e0eb72cf480486dac57f4e0fd79b6cdb7873d5d598395817651414f8177

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2c3e053a0b5201b2c0e72f355e7d2429

    SHA1

    ef20bc2b0e19f434d5722d3d06868c3fd48294ac

    SHA256

    93b34bbc5b7d2b7735e975392a5043c3db17c4a8f51fd5e43176b300e1c19eea

    SHA512

    a9f352a1488876f36e759be2ed68536f8dbfe39d50863cfdfa39f6a7ab678023d61131cc072f1002dc3c3d1eff497fc5e0a876e817b3c0f295e7353656434525

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    12f9ceb3142e338573ae8bc22428463b

    SHA1

    517f1742c501e39df04932dd3252b16214c8bc5c

    SHA256

    3a80c53263bde7045650376294474dfa7fff98d8576ba187808b5cdd811c7aa8

    SHA512

    d53597c95665ed742a25126ed60be5d4375b324e7cd8cd9b05043865f40b78afc4cead612adb02a64375887e8427b171330800d439e72b2aeef7448624554eb1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    606623aab7d0d21ea1383abd6e6783ca

    SHA1

    03b4493818b09cabe935fb887f62d43905ada746

    SHA256

    ab63db4f29f02971a4cf82990030baa98a35982850745a62e7dac25f0fc9d2cc

    SHA512

    c8fda0f31379850fcb878ebcf320026f53d863d9e992b407af9482526f2b45811975fc7e6e64c9cda2907b9e468f777e4ec7842781f0c44cabfdb95682659101

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFD.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar16E.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit