Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

f6cbd685ba...8.html

windows7-x64

3

f6cbd685ba...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    25/09/2024, 20:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f6cbd685ba7021ed112ca247e223ad3b_JaffaCakes118.html

  • Size

    201KB

  • MD5

    f6cbd685ba7021ed112ca247e223ad3b

  • SHA1

    dfccff56584c37189c64599d6ac15c462e90b4ad

  • SHA256

    21c542c6da9803fde9fd28d5800ab3dc8562c992f0df61f302b6862f0f541c7f

  • SHA512

    006fd7e2a2aa4d12aeb8ae14f53d7caf12457ee1d2bb51dfff861f86c3becbabb95cb6552b7d4e91f8b64a057b95eea09b51e0e8ab0f066489f125be9a31569c

  • SSDEEP

    1536:kauJIsos2Ei1is01oD6G4lTXwSO1NCRNe9lrqaDrzuOGvM:duzTX3Ej

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\f6cbd685ba7021ed112ca247e223ad3b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1804
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1804 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2840

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    68d40152a69c56a0214fda95c628942a

    SHA1

    c94cc396f92eee3a4c6c3cd6fc03815e90f05691

    SHA256

    1d53502a549cc6f2181a542106e6334130d04985c4147c435d9c32b69156e1a8

    SHA512

    7075e17ec2587052f25ee4965b54dfb98b3b57f7f83a668acb534c846d33d28ad1e81d9e285e8d00113479b0c6f04a1508deb5cf7dce57fa418b635014a7de0f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9ab38b02fbf39c12f15ae8a412e755d7

    SHA1

    bc0a35b18dba88d0d784e3f3fab51dbfdb2c68a6

    SHA256

    42dd106f0a7241ac366bf6c22f761f111016646af25063a529d44a41f6e798b3

    SHA512

    ad9e4ad808c1dc8b0991ef84eb7ba20f8fb2091b0d9acd8bd9b9ba0727b43549392d1318c9710aa4d0e630225ad54437da9d1e02160c10eb94df3b7111d0bdc0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1d7ca244ee7e9f2c1e244223d610522e

    SHA1

    6ab39bf6f12f71577e0aaecd7538a9dbbbaf5b5b

    SHA256

    345c6bfe294b9f972c0b4741400e73cb686062d7c4190d3b882dfbcf96bbc445

    SHA512

    643732b26d21389360d3f5f5e7c100b20195d505f9ee12af51ff1840cf4dd44b3d65508decb35fbc53f18d578013391150a41b140d9caa728fb9a4f5167de853

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    403efac14792fbc0a2b634eda5acb29e

    SHA1

    ef2c24045838f7bf1bd1dd665cb574a79c3963a9

    SHA256

    8066cdba0bcc0134e1dfa1468b75fc72e59adb39c3a20668ebbaaa7adea19ce7

    SHA512

    cf096c3f3c628fb762752053c4064abb4a642fbc82f0f6e6e97b2768ef55199ae81c22510996dc6c454835ce24df77181df3a864868b59b3b41acf934b2eaf21

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    04da57b3f754433f96e62031c889eb90

    SHA1

    0305c1fab9516bacaeaac510e5143eb6b96c5435

    SHA256

    2e9e880543d37f147e4e7fe4f1023fc3f0552b9a009aa151167225058337eb5e

    SHA512

    5ad0db72bfd977140a569cbb56989eef214052b5203c0e81c3480910625e8a0584114f89a57473aad86947c290290f895d18cb6fc46a7392e7285f5b83ab9271

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e0ab0bd55af6f70da05a4ceca24a0235

    SHA1

    8a7d02d110fc232d0e72840cc170871dcc81c70c

    SHA256

    13e61715ad0ca5740e447ddcf32b0b7c8eea2188eb11e25f8b14a5948d12459a

    SHA512

    f9be1bbc68ef0df3f423cf7019a2db3698a0f33429ab6a8240e784c8793a2a7b94b80f6d7dadf64f49315b9fec5d557e831bfc8e4a1cd47484e30a0c2270c5af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    793513168d82ea63fb205c9b9dfe0481

    SHA1

    dc97b89de338845743c1eab84a448dc77c0fd44b

    SHA256

    98c04c49544585836d57847bb7697bc81707bc86f06677e780671fce7d9663c6

    SHA512

    8e8187f805a5cb43d62369b89f1c14b5784243f46a772b17f710a926cbded10adfa66fbf5d84fccfefaee3c0212bb7e069631f128695e94ce342e26e48990b51

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa0b3c66daffd62df973e8ae1b420cc2

    SHA1

    0a19184877e2c84baa1cad10c6d5d9fe234971f7

    SHA256

    ddccb21594d9efc7a85c0770a9758514800420b3bf036e09b13765a4ff24ea83

    SHA512

    6f25404790fc4578f94a0ff50e02afb3c299793a6b9d63ca314bf09866ad1753966d632aca8b64e0b6b8fa504ffa72b37a5cd0e44e3aee150c5f1398a90060fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    63a33a6af51176d5c2930554582ef177

    SHA1

    9dec18f05040ea0738d0bfb0eeb9769dd22f4915

    SHA256

    0883203d57ca59bc1d8fa00b904d04e4cae0ec7d7b96ad15d509edb53023c463

    SHA512

    f1ed60ae52e7f5a3cfb3234d9808e76b0401a01751ddcf5ce9d99c1ba9535ea872da73b6e9a26e58902031469890a293131eef466a57db0356e18f6ae809e948

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8affcde7c30b091bcdf1b568d28b3ebb

    SHA1

    c43321282938df4204e948c2df62f79a79951ac0

    SHA256

    1874e3d69b827a4062043c358fcae5411bd4e00b50d1b5b7e30f29689c990438

    SHA512

    baaea9ce0747ec6e8eed3fc2cc4a78ceafccbcaf2a14ca4af509e810edec6449c417529020fe0c0457c904f2393c9ca0b5412e9b94709033b74dde1fc0292e1d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    549f80e95d1f133c75f638208a8fbdbd

    SHA1

    260ce3cacd3a2b52281aac55924beca4ce71b6f2

    SHA256

    68fbad35c8ca458cf99c2a88b11c3c32c14efe01d684584bdf2c3af5316e732a

    SHA512

    fc65a2981117d5e47d5db779bc2efa8f4cd3c27075d518035dd07340c1a7a06640f5e499ca5b04faf9264883b3d4ee2fa264c91714a146c31c365d80140cec7b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a14d3be3d4bcaad645e493d001603ce

    SHA1

    8fb9cad2314354fa50497c9b9e84117a8c5e1345

    SHA256

    3f530a64e15ea65bc9f21cb24204d04e3d4a0e859166d41f69f55b6093e7b8cf

    SHA512

    5c4d9a1ddb47498a7379bb4b4624717f43d24a74462c9a68634f4f7425cf26646e7a13f2eb69502d43fab6c8c0ef67c5441b890c184a901f4c265bddc502f156

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3e0ecad018c46f6c5426b82ebc614298

    SHA1

    56c8958adf2a95414561b35a388e2356ed6f0cb0

    SHA256

    65202443e73ce547dcda2717a5aaa18fb7d437a362625241b2da145a28424661

    SHA512

    c8ee9019d9aa62c9023fe6403224e8c8118c3c3799011824624ef7daded7d75b3acc1484201ab0a456aa009cad965e6531da24d2c3885b24f3c66a637775ee2b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF3B4.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF414.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit