Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

f0aad37c2c...8.html

windows7-x64

3

f0aad37c2c...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    140s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    21/09/2024, 21:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f0aad37c2c0e7f8502703afc0fc631af_JaffaCakes118.html

  • Size

    53KB

  • MD5

    f0aad37c2c0e7f8502703afc0fc631af

  • SHA1

    a2cffb6ea6a6f534a6534f4c93fe692953a69411

  • SHA256

    d01f82b9456e9a73d3c196f42c2c5141e1dbfbe9288752727720f0803e0768c5

  • SHA512

    d979161386f2a59be2d98fca34b9bb6f4e358d1b2af80b02b910aa0d51ad80bce95cad223121c8211add135752944effeb93c8757af2fe21767a115f71ef67b6

  • SSDEEP

    384:0bCD6GicoGFDPmekxYBvn8oXAu2IChSGH6WBlsOKIshdGbWe+qXqWjNZckpBpdPu:QOI/eqFUvn8ZRsPqXDKOIFo//tzG

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\f0aad37c2c0e7f8502703afc0fc631af_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2012
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2012 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1980

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b5c6356af63a12162955ea4d34585e01

    SHA1

    25b5d2f107fed371a8e9aa3383298879953cf966

    SHA256

    3a332e0601e33f369f14912666f46724e9b5615cff8a1806c51ea51a5084e15b

    SHA512

    5e195841714c02c81df0071425ea60f342b2517d076a664d764235d3401972fe549c6b3cf38bfd086dc4a9410bd004aaf87cde2036cb35ecfa32c11cf6fe01f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b6d2819c58217cedadad1db60351f257

    SHA1

    466f79d933a2d99d04985d1ed31f602807c799ae

    SHA256

    b20f07c460b139b3d595e4a50e64e6880d2143063a823c38064ef2b314206e5e

    SHA512

    256f02a3c86d39825008900fd7b0a871117f8863eff9bd840be8a65d8891ade1ecff98f7ea08af7c1e685c8bc18338410d25365c062a7132c50111f2760d67d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0ad2aaaca14b73935e15d4090131469a

    SHA1

    a24fac097ae6a793de775dcba140e1f867eb901e

    SHA256

    413b20d79b4f4825803d6bc3730261d12e9846f2c4c94ddf08893adf7438cb82

    SHA512

    c27838ad8050445a6a687e296b1de6d4ca742580a935f3e53cf779413a8746983689a81f4f5fb5941d167bd21711df39701a9f22d97641d9e00577e29e1414f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a9a295660acc36d128e1800f1031d0ab

    SHA1

    8682298901d10af269b0fb381daabf334357ca23

    SHA256

    f77129cba4445ee2dcf0431852ff1248f6d43cc91066f46ec90a52b09c8b02eb

    SHA512

    c0d803fbd4a1d713b2cf3e4386f86f93a21486094de3b386aaa565ecdef22135a43c5d9ced96151b829385e5b37292aa68fc1161a94288a4a8fe24e591f2d5c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    31585f3777f17635f2d94835fe6790fe

    SHA1

    d9c97953f32fb60ac545f5d42df6ea7fd5847ee1

    SHA256

    104feb3cb5858390e952ed19c53633f750b4f399bf77f8a2e6941fc6e1aea3c2

    SHA512

    7a0ca281edb9d4cf53d1466c56d51268475be4af261148f339168eb796c23f23f484a19b1c8dbbd078b01a357f4c732b4427585ee13f1c4922fc2ba515484d0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    174c3d9de34d5a3ed55b5f4ce8a0ab99

    SHA1

    096096e4bcca4c59dfa9745407e09a711f018eab

    SHA256

    73fafcb08365fe29bb9299432b66fcd644c012b2e34e99ebf53d34701d2a45ab

    SHA512

    716e325dffe4b4d61573a38d73cc40e774dc7f5c0e8c73dffa568f10f83a97c59b3b8e7bff3a8e6eb673dfef30c094a549bef2329aaf0c59fb4ea08018e0b152

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9295e859892c1d60bdcbd69e5444fba2

    SHA1

    8f065e5bf13513f6399a86ac1165b1af38295ff7

    SHA256

    870ad90b55f8228b666b032536027507ecc17c548d3400d9a2531f4b2d4ecc0d

    SHA512

    8f888f4a13d54135b189449e276544475ec111e68e400cdecc3b2eb74dd75033034cc47833f13431b2fd78b35c18c3a611972a7dc84e80061a24d1e84523f1e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9517061f75c558d0e59689901fb21117

    SHA1

    e3f96701be7b0f8be524c55397a175179fbd44f9

    SHA256

    85329613007c1eeb8a407c3dcf8f2e8979ee4ba211b439e7e51ea26759956847

    SHA512

    62db2df78ec630ea989575e84b620c9bd454273ed4815efc08bb6ef05afde60cf37c6742c5d1799f06a91caa19e24d32faecc0cf030ab17a53990db9fa967b38

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5891f457c9333846bda3f8dfd084742a

    SHA1

    5838262830bb120def5a3bd993005398ba1b7c94

    SHA256

    b5bb43e9bc691ab47c5f32e008c8cf11029e2f64fde4beda609412d424be0a6f

    SHA512

    83961d7bcce9fa7b139930a8120f9aa1ba4a0a21a81e9085532d19c68a56f181822867e5961fe01cd20767805c10a44b3dd706155b99267d2ecb0155da1aee07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8fc145611164da37013af2990eae4292

    SHA1

    e5f275809dfec26cdf1626c11cd0e8bacbdf628c

    SHA256

    ab03aa2303b7d741f1c0b2421a097ef8129000f63ad3a98b870f93059960bc0c

    SHA512

    e863b6615c1e6bee99e2b5d3febcd7d25159f1d3c3d5521ac1415fa8afce3c624a7232a240e011e5c2cc8c0fb5c2c4ae15be0812e07074404015cf6fe58c3fb9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB250.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB2C1.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit