Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

fc5d75c341...8.html

windows7-x64

3

fc5d75c341...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    28/09/2024, 13:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fc5d75c341532ec6b8391ca02066c479_JaffaCakes118.html

  • Size

    245KB

  • MD5

    fc5d75c341532ec6b8391ca02066c479

  • SHA1

    785c4469d4925e128bae75cafb2d6642c58869cf

  • SHA256

    1e75b253c0aa8839eae2fb9011a99a129919f98b4d0f3b9b11c86177f28f1c59

  • SHA512

    ac9729c7210c317ea67381867b70535e9d5b82afe5efb3f04264955b54ba8d30641b289a0db8775f51456675166cdf3e0eaf1ce936a0fc1b03668a053576102a

  • SSDEEP

    6144:SssDRCixVixc/sMYod+X3oI+Y9sMYod+X3oI+YQ:lsDYixVixcD5d+X3P5d+X3+

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fc5d75c341532ec6b8391ca02066c479_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1540
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1540 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2636

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    08446509bd17c307198906f4aa2dffc5

    SHA1

    c97c8db4f576a716f255b49b3f51a970ae79503a

    SHA256

    e38818ee254a9caecbf4429aee12e191732c2a1e341dff3c76c4383cb1374761

    SHA512

    b7687ecf2feb6aab610a0b3926fb62a65eac5479085380f1f7a747d79f8ed2a6d428946f371187b91bb1b50f35cf9319d87a398af20ff4d0e7bfeadc76e6fa2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    10a846ce4ad672e8fa6033dbac735def

    SHA1

    c15656f506672a230ae03cbd8f3026f2e2515cc7

    SHA256

    48d9aea1affeb9b9e73befb0c3f289eee4f5787b48fa0232a59b107373afde7d

    SHA512

    9418b248d1e7f2a7ac5f95739d1559699df38ab3e0c3b4da392d831a0097758b8fafd5690ee91567fedd2b03f11de9da6151830d1732cace1b35617723c54ac0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1c12b05abd1c87e2d7a5d48479bbc47c

    SHA1

    89cbb0d82b4ba566eff289714f2a05ea665426ed

    SHA256

    1bc2c8aac37bc5eac4c79a42fa3d59386b8ec1e5f68b0aba125e0bda955a83c7

    SHA512

    c0c185fa39de8fcdc14f65e8ff3594cac1f0187ee1342f1cd8116e9aa67f0ffa67e3f963a67babfc996ddf3fbffb78c0c4348bc81d5b965df827232be2a80d08

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    89060279666868ded37e5a8acd8c0d64

    SHA1

    94bb89cdbf5ed3e9911444ae4623c06145afb17a

    SHA256

    4068d6bf79395cf96621bcf1eb044b3ebd8ac1339ae69d664f568b8a20debae1

    SHA512

    f0dacec827ef982becc8422dc66d26b6d8643e8b374162f869d1b281cf6094709693edce8ab00faefd5bc59f6ce9269be2a81abc3a5e644b32297acaeed9c1d1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC100.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC19F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit