Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

f57289e18c...8.html

windows7-x64

3

f57289e18c...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    129s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    25/09/2024, 06:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f57289e18ce2a340ab3a6077bfc069c1_JaffaCakes118.html

  • Size

    18KB

  • MD5

    f57289e18ce2a340ab3a6077bfc069c1

  • SHA1

    32ee291cd2aece8767c34be35b7d35d6a5efbb3e

  • SHA256

    6d738e7980d2a0f93374f3632278aa332b9ee83aa38dc80e756f3401aee0cd81

  • SHA512

    90c110b6253eee2f14403a161e1815b6cc450adedfe076672cc4fb0671a4b9c14b6fa38b3015ce002bf780cad3e877c0068cb176567ddb3c3403fd243e4e7837

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAIg4IzUnjBh4C82qDB8:SIMd0I5nvHtsv4RxDB8

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\f57289e18ce2a340ab3a6077bfc069c1_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2132
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2132 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3048

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    603d71fd671f62b0c4421876ceddaf11

    SHA1

    1cb2fd79db5d8713d8e2a51736b09defcc773c84

    SHA256

    38c9c74d85930aefbc07c51cd26bcd6bd365e7763ee2da3ed1b1fb4e78460898

    SHA512

    cfc3000b2ee2bfc922909b7e5642dc038d26427fc9e62b6a9b14256b2b39cfc795fb6c451ab0b24518ff58b122e28a5337556799a26ead825e11999de98e9bbf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4d44524ef0efc58f0cb9a51207e2d7d4

    SHA1

    d8a97d41fffac7374c5651beda23cd2aea10d506

    SHA256

    3a97d0989f4025839ff88e41972e7b652c68335644a03841867e6f9799ea1620

    SHA512

    d1a303526781c43b1b6c34ea5be40f92ffa3ee43271edbcb62282057b33d231839af239243c171da33536b591a6ac71a472e07d6257a3ec04f0e52aea23fc42b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fd67158ca708a84d571eda5fe1338c86

    SHA1

    6ba00833d37c5c4e2599682081ed667cbf2a252c

    SHA256

    f90c51188833129b76caedc22167828e90069dcbe306d4958e3810287201ed63

    SHA512

    bfc04b59c72af92399f71b12d26d5e516b34872c6e94532f47f37fdc8c83d478c5ebefe9c3f3268bdf9c94edb04e668d272449ab1f357ac90efcea7fba2b34a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d28a532791e141e8fa64a96e0f32a136

    SHA1

    078b0c738aaea86ab887d7d2f0dce9675e287309

    SHA256

    2130d649f29822865ef102bb31822bc9ff92103bab1d589f70f003ca8c68305e

    SHA512

    3c25f6c6b5ea69a67426327b8c5849a4456d619d526f0dd5998675a5d17c36af77e39222ab625311a7604080928635450433273a62e7aea93c83e912ec992aa1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e469bb672325117e545d9d99c55ccef0

    SHA1

    8bf521aaa296156090917882f4575445df15003a

    SHA256

    b1dfc92b77eb16f696515a45178b9c14d6017c10837d50b17198c8d9c40a827c

    SHA512

    8dc80037ebd19a701c1b9ee97dfcc87df9729919f88e2878a513da13e7ff7b922aa03bcc6a271a67f5bd0a5572f303e91e3c19e1d51591816fc6f1f21c2ba843

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    96fdff960a2749cfb82a24a2e9f178de

    SHA1

    1a7c2708d298f64824efb35ed8a1e2162e3e9744

    SHA256

    08998630ff52e04d967a160d1f5feac71b0b4444e8c03619ff31276635baa8cf

    SHA512

    bfa102f39367786785a562265d83ff7ed5e8383d9ed1f86330e34e72c66eeebef517e229d25b314e2255ecbbca7bee69c8917fd6f7592d35d767d4b37cde221d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    526ef36e2dd68b1b7b4edf4bb6bcd147

    SHA1

    c2fce6471714071efdcdb3b8d6b359b60ec0e4c4

    SHA256

    26081796103698f194a8f05ed511ad4e9d009d8d2ed303c141155119f18b2b7c

    SHA512

    4f6fa4413f327da3614411e0b5da2db7c81a7aefa617ca3e7776ae9eabd2f715661461f14ef322e533e208392484857fcd0a3ed11475e77466cbbb8b3ca00c9d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0186a875b819e650567529e61910adc3

    SHA1

    e5139a25c931521629fddbf3d52df79b8ab873df

    SHA256

    82822335d5b49c8cd6e27e9875f637a86a44fb249f68fb5e096319c068f17630

    SHA512

    417d246878c67d66796b7c5b95ea820fa1887120a8c7fd560dd4ff3b1c670644d273fb32e60b91fb65bc53e25de5ed1294c380cc46946652a50137e749d0052a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    171317c4b3d5bad6ebc706caf0446a8e

    SHA1

    9e0288f983587ac3a64db245d8d992470da4cea3

    SHA256

    9d5849b750903f153e63507f7f3cfcd782a29ea8e9afe0e90a94b9d0cc8b4b02

    SHA512

    9a33da76bedcfdab81e7e0cf78d085561ab05039dc95ac7d157f23808e8c7b5beeafb3f87fb2b6166a5b886e7578462bb1b22151faac59a18a9fd287c71ac38e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA16F.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA20E.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit