Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

11e276894a...18.url

windows7-x64

6

11e276894a...18.url

windows10-2004-x64

3

Analysis

  • max time kernel
    146s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    04/10/2024, 04:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    11e276894a7378fba77120476cc82ebe_JaffaCakes118.url

  • Size

    158B

  • MD5

    11e276894a7378fba77120476cc82ebe

  • SHA1

    8f43ef1678e5e7e4bf35394972498d5c56bea145

  • SHA256

    b24671dc9d712bd52db0ec991f282c71cddb16ad072ba25fef980af136e1deff

  • SHA512

    9f1b576061c6a02ae20a8acb2c0fb6975195785f3be0f26b5621bae7e3c18d109a2c7e5fedf64cf62c6ac32986624b69b0a6d3364e8687a3d492d5393b07a82b

Score
6/10
discoveryevasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\11e276894a7378fba77120476cc82ebe_JaffaCakes118.url
    1⤵
    • Checks whether UAC is enabled
    PID:2444
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2740
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2740 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2840

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    40b33c9ca9c0068a4062d1c92cb61fbd

    SHA1

    5f7de58e06fe103522deabe6f309e93f5aa5b98b

    SHA256

    48f9cfa73aee647bb67d53f64cb19335298b7557d4d54c16cc2967ba4270af35

    SHA512

    52db7e69bf7aa7ab9a88062e5d812c26a30387ea6bb840fff38e9de5071edbd83d602c087f95e7a81e61ff3d0be06cee456096e0e5465d0a6972df6a18bdc921

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    29493f05680165c98c4cb84c16fc5617

    SHA1

    9a50f7c5d9db55a45729d5d052333a2ca2cdbb16

    SHA256

    6292fd832a9a2aa6f07a0d33d3f2d3f83d3e321aa93f7e96b7b00e05cb3564e7

    SHA512

    2f2dc1b1f35d75621142ded7167ab78c2c4bc765d8147259c881dd149ef4da25245093e55464e663c4708f7fe862902eed041dec3f92c0120bd7c9ffce525b3b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    abe14dd6ef9d9ed87e3661b1e46af28a

    SHA1

    fa3e3f5c911e0043d871e2b12e948bc17027fc8b

    SHA256

    689673819ab3bd7cffcac4fbb5b405ea4bd17f51083ec8a8cf0a70b35727884b

    SHA512

    12470ba08810f1db012593beecf229cc8eedccd96469392c720df468fb3b44a3330d539a7f804a88bb25a4cf2c0d1d2f1394448ad42186064fd531a19a7a8840

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d7684d1e9ce2aa2389251ef60ab4495d

    SHA1

    6ca389115d0597cbcd0311292eabe298d12b3d20

    SHA256

    c516333de5c72909e7f20b76b96b2f6f4780995d8b5df9b5c313807dcd78a607

    SHA512

    ab90d78c14afeb1b284fe9d18d0bb99a6cbfe707bd21bd9fc97f0a5eed8cf320759186b0762465c3e099ec413db68a3581a2935126c0aea57bd296666c2dc110

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f7c6f8dcb0eac62ad0558830e3b178c1

    SHA1

    05d24eda3e8a4e61e3df8207500175e556e3c096

    SHA256

    33afe95f4145d0866a6aaf9b32e8e51dd612e8c307edecb40ad2b7b94aba6948

    SHA512

    822ee5d71bd8e2c58e6df5509b35fad508d2983fd54a811fe1398cde373460cfa046965714d4d9cfcf5a72b6e7a5d3af643de99a609c5df9ed4d779f8260d8ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    faad93054feafbb0c5bf6abf5fe415cb

    SHA1

    3e22f54e75f31c6dfc8f0265e6519a6cb5af91ef

    SHA256

    27e72a81395c41b0a250b9bcfffad427d4cdbc36c4723fe9a138f5363891ba7e

    SHA512

    3ad3e26f78ebd31c00fac8ea16e70a864b9f1a81cbe3947db89dd8adb79a15ec38669447a099c247f8184eef3032f5c2444035e4161c5540abef45af50aa9e8c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3127a4b770fcd7579c3f565107879ca1

    SHA1

    0dec1bf25616895170d1a005cdf30d0f9e5603dd

    SHA256

    d0ec5a10784a90b5db068b7d995791207dd6c772ce185eb3375afa1e89b91930

    SHA512

    dc69a799626d889ca999be8808322a88d90207a8a9423fdea4ad894a180e86400d432ca0e7da7424e75f86731bbdf723c17d14119b8fd7fd1f528220a96412b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c40999c687dc2f19243b4c3b7b26c946

    SHA1

    01dfb2b3b6ea140b6fb8f5206004caf52dc6190c

    SHA256

    a9c832d3fe4cc9d47cee9c0bcf4f12b006daa2851669edf6a7de39adda7c1236

    SHA512

    8acdf19b4615bf5dab391aac186122eac93d47e30d7ddac68b626fffe37179f697f16459e5f52e0184262c597180fdabcd9159d6382cfded7a5076ce49124b36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bbeba2a72c178a84ecaa2a02fb04fece

    SHA1

    b208f6626b6aeb4aa16a348988f98969a7c4add4

    SHA256

    06447c724f4371fdfed03cd4f865ebccd814daf0d50ae1c5e99fa900e964fa0f

    SHA512

    c0a80db275ecdd6144c60462c7a274de6b8e24f895abed8633d5a160fc04969a8349d522f3fad5c9b66c6f7c24f9cfabf7b4272de56af9cbbae0cc961d27724e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2d3fa0860fb56ed86ab79fd5758fc09e

    SHA1

    8f7968f97aa43a74bec507be566335e5ab33ccdc

    SHA256

    0b578d8171e8654c345379a28853bce21cc6d775d6543f78e3026236143c5dfa

    SHA512

    275435e7fb9de51d21e686e1f961520d37f3e54ef4613968621de879446cf59836827f90199577bcdb8b3aebdb0ad98a473e83c5cb49938ea7f8919ef6a142d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e08ffa7963f0ba23c7922407faa2b10e

    SHA1

    ee333bfd6f24bd203c6eb23fe8ba706bd5578778

    SHA256

    dc5131cd414ba6af883d268d4a4ee5887899b1ae46c70d80bcdc5a7cc0ff89bb

    SHA512

    61217d42c9d1d1b4b1d1f40add7d55e40d18c06232be23dc88700c712dd1ebc8303884d2f800614104da7090d66a564f9522fbfdf1c078ffebd17308ea67c98a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b22a3d7dbede26008dfac6f5d99f535d

    SHA1

    31677be951fc5e745e3de61fa7c206ecd57f239e

    SHA256

    f9e13b6ac4516f9fbe525466b516bf5198f90581ad1a99948c1ae9e88b1caea7

    SHA512

    8081b20553b0b73b63dee0b27a1d45d884408021e2c534909b4fc4a23323c43bde4433741db993f4aac3f53523c5378ee6c13f1e5183f87ca9abcf18e046b3ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    326a2fe6e83c224788573e2242cc10cb

    SHA1

    bb5d92a23b7fadb8484042cbc18e024b90b2b784

    SHA256

    1f513b5b6cf095be8c689fdd6c635b1bc8e67ae5812c0865d3693960e6c10dc6

    SHA512

    25c6a308a0c92778406f9d8a01ee122684de50c8470bbf159b5ab80c29e8e0bae94bd6286b3b5701cd5158582f425a03b3d8566c1954f71d68faeeaf20e81aa1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    98169ffdb7d386512689d6b416e40095

    SHA1

    1e4f0f912a5467f045a1859bb3b9300e7cd4946e

    SHA256

    65fccd956f230c802ea075a593173b52b8251af71772b183382322815cbe6fd4

    SHA512

    422add3f8cd6f0816197cba5a42a757714030946964a32f827748efef77158d9d2cf7ea7100f903b2e6ba9f8c85c2622dca194b293ba187fd79fa1ae9df14387

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0d698d820e51199bbc8ebd2514230e0d

    SHA1

    9276076c539a3be8ac29659e45ffa34649cb9aca

    SHA256

    ce992c2fee513b77bf214753656a489736db7aff86607cc59aa86226824527b6

    SHA512

    ed9bbf8085e2de6642e080a48ff7df23008c2d1b8ce6a13e6013485a2d5bb5017ae0fa941f38c09cfcfdb287ed36b45e607c1ea4021024ae48f3f7ff51d817c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aa20a110e71b5f944982e3c9d6595d98

    SHA1

    c6d6600129c0d37b638ba9a4ace4451c0ef3909b

    SHA256

    199a824b3377eb8d53e36b11682054fffbdb446dfa271ab207b5c6edf48e684b

    SHA512

    26e80c22d87169c451d2465e74a0464524920a662bb8d0e283d2887f8f19e87ad81e388ba0653a93ae7057b5908572b9513be749db48962ea825dec6be11c750

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a0144601791887533bda7cd5d31ae58b

    SHA1

    d2afb2379a7b03b07fc5303f67aa361725ed1b69

    SHA256

    b32f0a68920b5cf844b360c15caa6392ed5671ee275b9d19a5f658fead8f1a6c

    SHA512

    e457b5f37c21f5020c41c22f84155f4514a99ca3584726fa1b4ccab30f611279c46b68a78dccd61f25298ea556eda95f35e991dd7411fe08f7292723b38b3011

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d2c6a94394818540c81583c4db5e6fd4

    SHA1

    0e18d7724aadc54c391f37bf9e8bc59bc389c6c3

    SHA256

    9a327bf71c38c8491aaace1d07d22947abb5ab45fd76711bb57c2a8bc1934e5f

    SHA512

    4a8628551d1eee58e1cb3239177882bf13a470bd8a4b739472892a676642ac0a1de4ede47a58cc5a8b5ac028cb456d996c6d8e4ba4d5c8fd597adb736bf1460a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF9D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFEE.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2444-0-0x00000000001E0000-0x00000000001F0000-memory.dmp

    Filesize

    64KB

    Download