Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

0a5fee9b26...8.html

windows7-x64

3

0a5fee9b26...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    135s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    02/10/2024, 11:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0a5fee9b2687a1d391424ca38098103c_JaffaCakes118.html

  • Size

    7KB

  • MD5

    0a5fee9b2687a1d391424ca38098103c

  • SHA1

    91a05aebae22c3e77891c1547ae9a21f6ebb060c

  • SHA256

    792571513d31f78a87987a3dcd762204486190cb3de851179c473acd8aa9fc42

  • SHA512

    4d7ba7869321359cb23dd4b4c3f028dc89cb08f320fc72cf4f7b50985e4a7c6fe6ead2885f210e2b549d0303dd0e5e71bf4b28c0eb7e9e377ad64ea3f669df03

  • SSDEEP

    192:t6qzFUyGuRLTdsLG7O7wKE472qIGuNpx8ikiuNphVa6eyS8:V5qckwxiuehVa668

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0a5fee9b2687a1d391424ca38098103c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2128
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2128 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3016

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bbac236e66e59ac2943c28b8de5feb4b

    SHA1

    a0ef426b0e3e1e4874e6c774b34469e8add0103c

    SHA256

    3586abc0f341bc9ce0348dcf9bdcbfda096ede1058d4a21de0448ed6a2112132

    SHA512

    132a9fd9db78445a39b8fb9e6ca2eeee888720f9f899af0594b0caa2a7fc530cf80379d48b47790a8c1aec1bbd97b24e5100be198a2adc636ee9da7077ef1904

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1ba3d09a5cf6c04c459085fbffa2a636

    SHA1

    79c9af68d779d3dbabeb8e6e55a46337d1a53543

    SHA256

    8f3183bdccec900fe5af2291a2575fdc0a063765dc9dfe89d51aa773575963bb

    SHA512

    1cbc32a19dd636053749ffa7f144914b00002672d9eea769af33490eae806bfd5944fbe93ceb88850392da38d1b65d83758698614914271760ee07cdc993bf84

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e9b76c0b1c7e5e360e5a21a1c661b196

    SHA1

    826e8694ba94235656e0bffd4349f1d35402d4eb

    SHA256

    44e24aad80d2f13de2b806f2481be9d449523945e76152a31320bf99256ff761

    SHA512

    c9eaef2ac33594a0aae37521b2868d809d5b607d805f10384cceff8bc847b4dc37df9483545e97ccbd6f70a3e16e185edc91c8820b5d219d162ef937fe9931c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c8fc2c6d3e61a1277d95751cdfc6a39b

    SHA1

    b2e946d4b230c93ef215c8773d767087374fcdd1

    SHA256

    54521d6a81cdc16cf6752f45ebb32ad603f6f95f7a2c96bc5e2a9612ce2ed2a0

    SHA512

    82400078fe3834eecd5216a24f43463e1775ea2e79ffa45fa6bbe7466f9e4265797ecc2f130c9d552e5f9470720b9b3e76345ba2126d7407825cbf3a5d6c7447

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b0ecb065b9d0ded61aecef07766d81d2

    SHA1

    05926099af6589d3c818d842e150af66c7d26684

    SHA256

    849a9acecbf88d81374c7b936c83fdb4767183358f733ca59b06f6f4ac8182b2

    SHA512

    748411076446423c9168187d5d64e8ed88c773168ae7e7d535aa7eec24b67660d1d9eecb863083a9eca9d0bdbf0994912c3090a489f2beef3b0339e7b4c4580e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ebbda7e20ca7a0279d6c05468918b53b

    SHA1

    5dc843d56bdf2bf77d7ddcfbf4c11d181ee356c1

    SHA256

    1f85012e7a19a06930135c64b1f6694f76748d089c46efd1cf30966267a51fd6

    SHA512

    331027c25d8bead82ceb174e709a6cc2a61cbc94249c8cf2a78e317312ebb4789cef9706ecc7e8d02d5106b46428a91251388e432f6c62959a8e61f8988a5d65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b00c155e69ba7b9c8236e8573c1be67

    SHA1

    17ed4e29f49ebacf89c48dab9e68e3a8c913fea8

    SHA256

    da24b1733239ec9194b2cde6297c9bf4f81154d82654129d51f9cc578ba4e2ab

    SHA512

    4d9f467be0eb282fd8f1c6f826459da09ba10cbe97243332d9585af763d9e4ba148c4d4987f433a12f886a7ee0e2b1204a359e13e22e745b8413cfbfee5a403e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3f1842a06682a75341736a76b215823a

    SHA1

    eb7012443788c92eaf67268f8f3dff90b04c2c76

    SHA256

    4f96f411c5dcd24cc8ce98b7f5e436432b958a3057fa092a302eb3410d890a59

    SHA512

    ea77e600289cdda2214a9ce854d4d491c0c7711abceebef7026d5c1d60f9955a23511c615461e92681af35598678e7687e0305cd5a15f20eebc1183cfc4fe5ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b6c53020e2aa36437738971f916e541f

    SHA1

    9441e5a0a0e996cd74c3d9d4694e1634f3712038

    SHA256

    d5d9558e2d1374a59c11c8386de4c0d609972df247fda5a857738e737f25e098

    SHA512

    424c1ec3c12a85f021c7f63bd494e15f6ad0ab4028bb33d8e298d3b3e16b29d8628b092885119a1274e82c0996bc63d7809eb4a9c13d85e9550206c11f9b3b0c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab92FD.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar936F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit