Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

0a3ba2e434...8.html

windows7-x64

3

0a3ba2e434...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    02/10/2024, 10:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0a3ba2e4344794b45ffa5c07c14080e2_JaffaCakes118.html

  • Size

    85KB

  • MD5

    0a3ba2e4344794b45ffa5c07c14080e2

  • SHA1

    4380a471a16f2fe1235ae4f7c75768f617a260eb

  • SHA256

    cec1b430708a092cd47a833dc019a9a495aaef16fcf062af3e099f783ad7f459

  • SHA512

    3c5c3d7eb64d769f6d36cc72d051c5db2fc1aa89cdd9dc09897f382d1bf79c11d3abf6a7e04848db14961cd427b5a50861214d4c667a50ba2a1c4b983a1c4994

  • SSDEEP

    1536:L+ipVn1BUNqvLKvr7R/knVpWCU3So0mjiMpbqqvmznhKv++nPLB1VV:LBvLKvr7Ro0iyuznhKv++nTB1X

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0a3ba2e4344794b45ffa5c07c14080e2_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2028
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2028 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2716

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    240c8478de38245b7b86ed445fb3f5f1

    SHA1

    d93dc3d1d119d3f8ac428a5ffef3ed28b82e4384

    SHA256

    5838620b323433d574a5eb80cafdc0e08f4d49fde5cb6c9513872543fc9d528f

    SHA512

    254503efb47d490fc5946a41308a11830e16095f8a6f4610e176a96457d1407015c5ec3fb83885834a7178f537b3004946424f62da300f501450f352a373bd9d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    58c41a42d9ae353967ba13a036545e5d

    SHA1

    e221d707964265e2e0c69ca2a8305c51623c6aa5

    SHA256

    f47b61126232d52266fb8500375fd18d0918906fd2c90d6d1138831e75a64dad

    SHA512

    a8e8fd13c532909278dda55334967e9ec9f8130f05376f3e6c7bb3c1c0019388f3f22b431c56efb8675a8225da286a319c1fd99c11c4f81e0b9a37f9cab10f30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    333465427576bf657759b6261605d06a

    SHA1

    aa6e8645bc4e0c50bf46229c5fb5ba6239227d2b

    SHA256

    a894e3b89c5e505da2d97ba2d9940540da41ff33a496717fd07abd1e18fd29d0

    SHA512

    02018c0e29806bb632028a6650314faefe3bce9d56af62f42cbad722cb8c41575a1baa23d62bf69164ee9981e6e9ab8f06aa6ba3b6d0863613d4fd098357cad9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    599c82016cfe04e7b530b6ad5de2111c

    SHA1

    10e7afa40380e541d7be07aa04051b3a3df1e71f

    SHA256

    a2d98da4a1567ae3ce309c2d35e4b088936d93c89bfcc6470d0e3e7c3a28551d

    SHA512

    8cfa85f066add33aef349a7fd2476c245ac737787787dee93503bc3c0a9352bf298b7a154f7a7f8f0bd212f46adb203fbf407fa281023bd8814e724845cc2c12

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e5b7f43949b31d30db9c2899d24a7bd3

    SHA1

    9cba3f97ead81ceae64e36514dbfb28824aa415e

    SHA256

    272545e89dcd4f4d2d13dd0f9ce500bc8bac75a7504743393b768fde5b6fb7f2

    SHA512

    63d21ff2d7e54310b75cca751cd85cf59da9dc40203fbadee7f9eaf85c08ba50fd13bc160d7e16193ef841c75dfb02b5b5507d6ab41a73463358189dea37f0c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2df53a8d34d1f74e6d5b3a713d18e472

    SHA1

    02c35b39dc4f57a86ef0ea5a438625ef9b87ee3d

    SHA256

    42865bacaaff44e091d17e2af3d9749403523a0b929fef2861e094a20ab49a25

    SHA512

    286453a675467845ab77789008f8ce257f3cc620f35319c918b9c416b312623ed4c239fc38a0a11f2c38ba82dcfbbc2d304e202ab21dc4f8c758f6928071cd58

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eb37bd2ed6fdc53d4afe52e48cfee70d

    SHA1

    dff6271a34a2f59c7d7409f35a1db46b89e30b3e

    SHA256

    067b1f18195752868d82f6751ce547db561076ca4feee4f37bb17f4248839868

    SHA512

    23d64de38ce794e179e3bb8054a5dd8e5faecc8039b8d85818dcbcaed79d4d9b01dce9fe44bea0aa5ffa8da7cf574a40a85b1674d46545aa351e9b634885bdca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5477f11ca56deba771bf8c0be1c01640

    SHA1

    3f070ebf6d82d91329677cd6d4278f72d83b1243

    SHA256

    0e709c7c91b94f079e034e40815d14c4bf0823f4904a8d8e7c1eedabfca6bb05

    SHA512

    06027599397ae97d03952572a41295317b9fe3ff6b355073762a7583d3a6a171a1c667753855af43cf47b88f8b96db13f2f570d73c0d8a15ca78369f3c5869a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5544c44251e71c063227ec724310df78

    SHA1

    f9afb4a8e887b786ee026b0611c13c101034ef00

    SHA256

    6df4906b2dd1d9855985356ed4c6550f22e01eed4537819f453270b6bce44cd6

    SHA512

    95a91b505fafff29d95470280593db10d19f4105a1ba37a33e1fd7af26d350a10d293da0da689308e10374fa58ae8560fa6606229dba23ad5ea94d86a79d49a1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3479.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3519.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit