Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

fefe56c770...8.html

windows7-x64

3

fefe56c770...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    136s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    29/09/2024, 17:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fefe56c770e68579a18e133c17c150f8_JaffaCakes118.html

  • Size

    30KB

  • MD5

    fefe56c770e68579a18e133c17c150f8

  • SHA1

    7242b5d79e692e3c64ac9cf34376178ccc5bed6c

  • SHA256

    6f4cde225e608cb9c734763240916ab80744f93e127c934547284ef149f24ae1

  • SHA512

    10b4af4099918487277a7ba257b4a479408ff8cd9bbcf631cbb572ccf678a671e9a065e96877c220fb591ce87c8bd5d6b47c4d35c51446e2c0b13bcd431ad4a8

  • SSDEEP

    768:FFUbk1b4p+b2vbfOPab/O9b1qdOjtmoGeb01Jb4JcYAX2VUgnP:FFUasp+SzOPabMRqdOjtmZrtZGWAP

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\fefe56c770e68579a18e133c17c150f8_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3000
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3000 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2508

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c827b9f11f3d93a04e774f40205a389e

    SHA1

    bf5a3d815e1290a68376ef1be7b26c42ba39c167

    SHA256

    e998c58aeac6ded09c9dc621a59ace3d8ac66cd613440ea8f39c3220ec449148

    SHA512

    71b449d2886f38eb4d197b65a27490a500add98d5c6218241e9964989eb76b67eb7e29525752bc72fc2aa9da1937fba55cba3da41aa25ee7b86940370dfa85c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    448134efa73cf446f745c844c0f00aa2

    SHA1

    8cff161e5f262bf0c908e43c4e171718a2301062

    SHA256

    dcd567db57e4860826f4672d0d63ebcabb685770c9168a28eb76b1e0e5ffa9c1

    SHA512

    86922834eeead38635d9fa72e64cdbdf4ea65614aa35b8013e86fd4a45b5afcfbe417831057d650a3c28ab4899bc6eb1b3b3ad496c1e4107bca0fb8a20ad2ce5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    00f188f5d37e04e491b4e71f0812b48e

    SHA1

    624709609f3b4623e8db0e81b564934c85e9633d

    SHA256

    908c6059192700ec543fa445646fa03ed0e5df9b406da66f8d5619199af2b27b

    SHA512

    5643d8196d2aceaff48de408527c4605918470aa38b936f19bd8fa887d60f903a7ca308cbfbe24902cc4c1fb9defced812b4e202cca425b52ddc2a037bd2bc0d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5cb654657decf22bd3363cd8dcc41bc3

    SHA1

    fef5394d4cb2bf5c02f024af5a0d66affabe95c9

    SHA256

    e899131535cbd8d415a64f9e8a4be2bf95f3c07ecd55d9efcd7f736bec704639

    SHA512

    6d29997f326da149ed8a48c8c04d8c11855c75162c93d7df409a26878c97c996d50a4481fde61825aa344818e391125ee549bf1268fa51eedacc696db05e0e64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9566663307025806f13847bc84096c5a

    SHA1

    072c7d967b6f53e7dcd3d3326958733a6a12f745

    SHA256

    34e2a25d3cf093592135399272272b8b2581ac0c37fb54714c5468ec06f7abcd

    SHA512

    43e75590d10a92705cf1adbd7f80c8f5f8103f64398de32aa74aa5af9ccc71ea1b9a1defb622ee0fd410947e733b44e70d27d16de666db4929eb3a842ff51f01

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b9d43c87a4f447bc4b98b2c23978f6ee

    SHA1

    5efa8195ed652b0648b69a70beed93360c60e504

    SHA256

    52319897bc465e8cbfb236d09c4acb03d717a3e65d8d973a31b3a9e0b5085cba

    SHA512

    6846c4b6a013d84c6a0d6398694d7955e89daf271d598d2b8e1748d79428cd07fa0f4b3b61c53450352df08e85557e889343dd9e3570b32be2e62d9f2fc71232

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a6937d65a98441d108a4373581adf3e1

    SHA1

    ce2421ea1b2524e556b9dfc71d5b71f3af7bae2f

    SHA256

    ebfeaf96921bec8d4dda33b4ac7de964d3beb088d7b45316ee78faf3f9a70cbf

    SHA512

    5eb31c4a9d5dbf97ad964c3c35e4ab7f18c71a763a3796ee42acaaa4967ce0a88385fdd6b250632154c5b8990f52e6a132af80829d63e66475a4929f7188d631

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    54f8a868eb1b1bf57b599d0cf8ae2188

    SHA1

    00f40737280821c9959dd704383cf7efc0d6552b

    SHA256

    0ed69cfdc03b8a01e7a03ea81c152f676d2be49d38ec2ce0abd6cf964065768a

    SHA512

    c0fd49c9a2cd2c4d8237ddcf9136eae67cd7fdce02b7d59b2e877f4db753736463f4e2b8580335da9177e54dbc8d54de3f5082e9d439b7ec9da95987bca32a17

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c836ea424d00149cd1aae2d69a7c342c

    SHA1

    8c7e06e1cf9641855db2c9c46ffb6e0320791c37

    SHA256

    9330e0d8741a9cd7c0c2d6c37c670c21e5ff74bee2e5ecffc5f4d976bff556d2

    SHA512

    cc09f5b6b14b642525c4d5adf994267d1d7b65f6008ecd2034e976507b29f46d993dd6609d1fca642775112e653fc12142ae43216b550ce2908cf1fb74634860

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    367f706920afd6b1f58141915a64ad31

    SHA1

    8cea7fb15a968ec369669b035f35f694e7fb656d

    SHA256

    f5052d4b76423cc759db0f0703bc14a452c5d47a5077a72af57104e8a4404142

    SHA512

    af9704ae4d1fd404e936918a995e20fae58257895eb6ef9cf9dc3174618980ce6d7344b4af30020a7b8bf72ae3dccb71becb6b9e3ddebc73b8b0347ed0845e2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e25fa5696a87304fa52d11d08f94ad53

    SHA1

    e3a1fbb181c1e956c7eea7e8d155cec1218627b9

    SHA256

    db17146ff9ca983212aece70cdc74d667488eb93fd8190d7c981c4ba6618e364

    SHA512

    69bb7438350223be5356d3ac2bb88efd73f7f8108f4ec7fcb86ad978e6548c3f40f1f8c3048a44a456cb48b9471c7f0d63522b3123ba622bee985ab099dd3217

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9d723a60b78e51645a95bf598bbf594e

    SHA1

    187f0090b739efdd0cae9974116727a58e491ae4

    SHA256

    9732c0e263239c3820a247ea53b52d57e9dfccc176e8dc96f681b23f621af411

    SHA512

    b4c2b941b58f420881b6f343f442dc2ebb6fba136eef50ca37dbe1f07483d3ceed4326fd4b5534dee5f10b4704b8b9e90fe608e8b141af38242fe131321fc942

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    38d589bc2884b010c2fcc89b18c174eb

    SHA1

    6b9e89f48b84e3b4c2c3cdbd55d86ca6dc4b8bf4

    SHA256

    d9241e433946825993e658aae3ae50d5837d1dade36ca7d7f223ce789fcec2cb

    SHA512

    e553bf725fcb4f5449ade8bdaef1d0c6dca41ccdabb0845dcf6539fc0653f282a3e8f6a1be3fcfb538d276b1eae38cde9d0125a177dd992b35e235f047c7d940

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c95d867368cc366bf3a059d0870393fe

    SHA1

    90c83d171099b2cfed838499b8c3b3b30356dd58

    SHA256

    09ed328631cc411ffc15669cc3ece2e23215e75e911202f97f79cd9348d1c928

    SHA512

    f2e4c6d279fb8009c8bbd89675ff951e837f2f1d2eb166703bb135b6942dda68672179207764355a107786bb025f4b8210c521068f7d67032f5ae6f427b4a2db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    131fd0e01c6e6fbef8004e123b11d73b

    SHA1

    fca9f68a47a452790a39f23717e642e35fefe9c4

    SHA256

    fdfc108de8fcecbdd5c4296740d44526f02aa21b0e559cad6e78f8e23e5b7ca5

    SHA512

    ea06cd7501ccd8c2764266fd0bf6ce7032a12f2a144e4291cc179f71e179c016c221a6dd76bfcf74c91d0e63fea4a7b397e289ec00891459b82e7324474de674

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7CNUR30T\cb=gapi[2].js
    Filesize

    66KB

    MD5

    aa012028297a26c039c37ab25a4bd17a

    SHA1

    25f23d01b5f580c00778e1c010225e5b8c73b66c

    SHA256

    55cd2316edf7159b623e4ec2c9e3a334027c01e2d1cc386f833ebcd35ed87b38

    SHA512

    d346eb082674fc26d562da9a12f36ad2cc7db1f1b35c891a8734284cf1bd052a967137c1281982070688b2bb2e06c7f4967d1c9397311a31a11a8560b9c45fd5

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EOYL2MRI\rpc_shindig_random[1].js
    Filesize

    14KB

    MD5

    e691b2e17de9ec018eca758518bf5dc8

    SHA1

    3238d543acf53b803dfbd260405fa558717daaff

    SHA256

    438d41bec769ff386a2c1555b6bf9105362f67dc3e711c81c6092ee7fbf6ad2e

    SHA512

    5589a5cb408ee8e0fd473de24224ba8fa1453eba5df6e591570810f992160d4f3e8f60f8ba74d9994861759321f5bfe0c4a608636913a8407b5184008457afc8

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M4TQDAHL\2254111616-postmessagerelay[1].js
    Filesize

    10KB

    MD5

    c264799bac4a96a4cd63eb09f0476a74

    SHA1

    d8a1077bf625dac9611a37bfb4e6c0cd07978f4c

    SHA256

    17dce4003e6a3d958bb8307bffa9c195694881f549943a7bdb2769b082f9326d

    SHA512

    6acd83dfd3db93f1f999d524b8828b64c8c0731567c3c0b8a77c6ddcf03d0e74ee20d23171e6ceac0c9f099dce03f8e5d68e78c374da2c055973f6ac2db4e4f9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab754.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar755.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit