Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

15b11a0b31...8.html

windows7-x64

3

15b11a0b31...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    05/10/2024, 01:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    15b11a0b3169d189701f78b0b9751659_JaffaCakes118.html

  • Size

    23KB

  • MD5

    15b11a0b3169d189701f78b0b9751659

  • SHA1

    85ad8d5077705b2a78680222c01b05a04901a405

  • SHA256

    aeaaef7bade58fa24876531880ad9ddbca4615ae36a5918650c0eb878fe871be

  • SHA512

    8396aeba39dbfca89c652b9496f17fd2576938db6295523b256deb54eccdee9ef79a877d706fd2c099a3ad43786a91fe69d46ee1ae55d3998e199e27097b4881

  • SSDEEP

    384:ganlIcGtC4BvGTHFuCJBGGMWuCpTN6Z8D/gb1AguLZ:gZ8uCVuCQ8DghAxLZ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\15b11a0b3169d189701f78b0b9751659_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1288
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1288 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3008

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bcd73d79c01eb4084ddfa0f01bde5e80

    SHA1

    92938a2c1e37282b105dcde84d7f5bfa7f9d0701

    SHA256

    2fdd33b0f9adaa83c33f928c9341250564fb925100e002c2f6cc61ab8cafaf0c

    SHA512

    481fa8044962dfe8d4f813d4072dd67258d150f38f3b4c786ba14f18e0009ddaec87d0539c9f099ac2e8a2c4267ef2bc35a5238ccebcaf94d6b453286f9bf31b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    349af62776453ff166dd7b9eefd03ff4

    SHA1

    7a324b6def48a1d9a244d94541a67a42e80ca367

    SHA256

    85c212bd4a0e379f01a3fe9953387ed8e848816863066cac04ff0a7ddd16fb72

    SHA512

    8fc96aa3091b30ff2de380966b6cdec4ea273429437f6ccb51737253b61637529736f6a2ddbbd90b71ff1297c64608d56ad88dc221ef02e61a8ee4e12195f4d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    228ba5b960d69862284575929a153fdd

    SHA1

    6447f86d36939df8c9552386b428de241e9dd732

    SHA256

    f33accb0ad2aa9ade3da8f2e7d389112eaeac76a24aec592ed22b2ec391c8b6c

    SHA512

    4476218ee676bf0f5063d6f7bff6872ebee98c64acebef8e7337bc2dbe07cc337c8caaf8ad8df76dbf710c5720739a0ae99c0d650a4ce2985a3c6a8d26660c44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    56e1396a5edb4fc3779f5dbb17bb8a83

    SHA1

    8eebf03dc498afefa41ed2213d23de8a9b6e2993

    SHA256

    8f5a57c16a3d8b6982a93f57b21585e216541baf88ef4f570c75dd1a972af839

    SHA512

    4981bb9824c9eccabc3d8d1fb1b3c71823aecf4b75b6f63611639e87f05bcc346023f528181d3c2a9057b4dc1eef1f95af4ab92ed956ec9cfd88228689a53f84

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    590ab3a52555db048a7dc8a0ede824f4

    SHA1

    53c8efaa51336c480e636801eaa5d450a0c627c8

    SHA256

    97aebc2d159cc56b50018895767c36dfce8a1d5b5b1997d4e83e8184d48ea207

    SHA512

    990dc93d0d235158cfa48e626fca5f02af558376050177b5743a766370b3c9344a6aa163f7b6d46fc02547e8269456cbd946e816d4d34074d11f4d987edea6df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a48b16bc01b5657820fb05e5f5a6f26

    SHA1

    18cc3cbe291c8eddabcc4cc490366ae2fe583179

    SHA256

    51e2c6f167efcc21a0ad1a965a59867e62b9214fb60720f80dec9ea0ba5e439b

    SHA512

    6b0a77ef845c52e50813095f7f0395487b6e87b2a66253f9876b01a5bef97d4b05bf111cfa90ae160b13d061caa35ccc09f6ebb99e1eb6bba239aee8ec74109a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8a4afb4a34ac981da4f54108a6f0bcf2

    SHA1

    c1a6cf8934cf2f8e82f5f37f4b9914ef40b21e84

    SHA256

    52d3462af8abe9489c7c5dabab5bce672e4b79383fd4c064bff25d6248d94b74

    SHA512

    5981a6b5b24b399bd69100b9db9f53275f4964ab35f462d83ee756381e3ce2e155784c57e7b991466ccc8642a61e72f4a0eb82928ae8c7fbb1fbe0317d3f7e64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e83d2ee98ae0a14d9cee1c80a615c873

    SHA1

    3413c28d036163432a8be73ff438008a2ad4294a

    SHA256

    d49935bee867d35a6c916923ef03aba73227f685bcc8a4178744364a0b8bb2ef

    SHA512

    c4b3d4096355df175de776a7ea96a367d1bfc3acb32d929fe10a4aabc0ead57df161d196ed84af0f68eafe6a976ea98a19d897b3d87282650000f4104c9fbdff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c34ac3a1c807584841d74a9b5428dbb0

    SHA1

    f9b17a01e3af92df2924c995c9911d412dfe61ed

    SHA256

    60def17fb9a00585f8bda2109cb9e75f12e074b5cbe8fed57bdbeeb387aebd3c

    SHA512

    1e581047a0e2739166f2c26053afaceb2be069f2a478dee9abccc8bc9d4333e6df325347fb6bf89e8fbfe42648a350f8aed3cb59e40e43ed72df44250acc90fd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC0FE.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC161.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit