Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

266e39a4ec...8.html

windows7-x64

3

266e39a4ec...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    08/10/2024, 22:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    266e39a4ecdf90c77c57a83d3f16b613_JaffaCakes118.html

  • Size

    30KB

  • MD5

    266e39a4ecdf90c77c57a83d3f16b613

  • SHA1

    e905f1203a46ef12661fd398ed16d7a05e9645d2

  • SHA256

    1f2d73f9df49b9ba6c1984f399fc142dff5d618e66be35fdef1b9db026d9ba2c

  • SHA512

    a72a847e4e9c29c846bf49a5efe482bc091b3d794ab531895e9a325e0ae2ab24776a5b8963a8ced298c9b344f1919f35f7ed599fd679eab8456310b8deaba5af

  • SSDEEP

    768:CyiSE9hnEZsfttHs6vlvQvPv+vfv+vJwvavxvdf1TGPd:CyqlPHggPd

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\266e39a4ecdf90c77c57a83d3f16b613_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1924
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1924 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2144

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    be1477b948ad296c3c474fda954772b9

    SHA1

    88692a01a785fb101d57f7b91907ec8926b79c87

    SHA256

    75b6c9dbb752f229c38b827dcc5f845c3f8c75decb3fb78d3d8f4e1de89d9763

    SHA512

    65d06794f026fd03869cda4cec54ef0ab01ca609d87851ff44dc76c3945a91080e785d95563da4b7d115b9141eb29c5f0ce79a520401c48b6b55806752d0c5b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    55f539fb525a8a5f5d748783ecf13bdd

    SHA1

    e701e89af249f2daaf6fb3f9fb71429b48fa7b82

    SHA256

    a42629e88a0fb743427699de6aa969d086ab8ad760fff29e6ea68920d85e9458

    SHA512

    dcc8f361caed2ee01b9ee131473ba9de4e4ed0523783831ddb359c6c4ccb1e9a16b444f33122444fb9240d7bf5b261afbf684fe77cd46133c350c69ec761efc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9b98143a1950ca3aa47efcc1af2acf01

    SHA1

    664e0954c5ee279372b575639d0317b7b09c29ee

    SHA256

    626412112fba0cbbded9997e4b2ba7fbb5bd1824b3b24ca66c17d36e06b130d8

    SHA512

    cdfa39aadc2f623732b1de872def9aeb0fcb10ab8eb5d2dd421da092657ce01a547d3dd21f006b125ed1973eeb3d4a7c8fb203c9ed6f0535384631f742df071f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a1e3dd5e1c3aaf138d1a2fa1ccdf0a59

    SHA1

    a14d8a35cd3260e5d7a0692c8609853d6ee38ddb

    SHA256

    3050892ad177091f922aedcb69fdd5f9be772aecc877db00756c16aaa65406a5

    SHA512

    5ed83887bb5a125c8e398133bb0d17813d5c2d94944303a63c57be8253e3cf74618083c4943e34f33a97ddac66d07a541515ff47ebb7c71ec0589f58e10f63b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d860885d675974a7fe32c7a62a153b11

    SHA1

    38fd22115e3d7f2fcb1dc9c52443e62f0798b12c

    SHA256

    e17b5a9659567f665bd0df93edb7353046d9d1d95e31fcde236b5d8feeb768dc

    SHA512

    38a89917578c41163b276e6b1f477174770c56c5b90bc461cb9cd912014b5f750da33ac5d0c82a3cc586b5cc0510158b5b0921c1a975cc51c3facaccd424634d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    31b1e1f4a1b6fc20e015a855725bc3a5

    SHA1

    0d6e3b1d87d52252a57c9da0662ae98de8d99531

    SHA256

    a86717448d457ff225423af9599c278b504334ae2b2947613e8ce9b6e5b549a9

    SHA512

    ce3af9e11a4c8d3ba63e65f913300e8f33b93f33f2e6397d6a5ceec898a482f94dee95b73fe0d25365ecb7dcb45de761a313d530f5020f4ec2d7331a521055a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    446c12c441f9e4dc54de9f3c518249af

    SHA1

    2574dcdd926c17f479b2cfc8b94fa8c9e5d91994

    SHA256

    6704570f1f61a82c2c771a43491bee4ddd3dd266907b152217b23b4eafeaceb2

    SHA512

    71ca018ff1355e48058361a3e73257d6d476dc83fde37d2d864d784dc285ba9a83dd88528603663660d6b0a276c4f954aa017216a46249e17aaf2d36cccd9094

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    661cf237d0ef56b54ebf4c8895bdfdc2

    SHA1

    bfc1c1b0583e67c9e9ee766676256ece22df2cb8

    SHA256

    e54ad3ec182457b5675e4d502b0d664bcf46eb01ade432c166cfb1c6dff752ec

    SHA512

    a987f346fbce7116f28642f3f23fa925430afeaf426f60c8776aae5be68424a78f030c8a8272ef3d2a323a518802327d3773589099700dd98fb1041616526acf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    de5dcc481e4c6dd7ef46edaeb872d677

    SHA1

    22669134a264aa2054b7281414d1cc841a1fa0fe

    SHA256

    33b6795a9a678317b652ec5a77787afa3d4bb9313f71351802cc9715a91e07b5

    SHA512

    12a637badac21c0bafa24a68c8f3b1b9337117471dd517f61c015cae75b9495ffe127a901df3df3404f2a13048f4a0b570f272c883e41cabd2d72a4403b23a9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c92db41de0d1b6d567cdfde6bb430198

    SHA1

    6256264ccc5eaf217121b501a882d9978f3bbe6f

    SHA256

    36ecb91eb3c85fdfe3108f34b12a3d6371e5f412318d20799ddc08275d80f156

    SHA512

    97423cf924edd12e2e8683c230f23caee23d1a5ee09089022e816ebee4fc2e891d48e26f8bd9fdea5e31d1fbc4924b49b1b4cfec3de9e53590d2824d7090bb08

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    20f8bed84a43bd3847137a9403b729fe

    SHA1

    c1c9c789d6ebe8fd568d2e41c16e48f474959ad2

    SHA256

    1c514a7b125caceb6c703ed682059c8d8c095ab942c9fc1ed2184cd334a177e2

    SHA512

    2e9df36efc4b9ed64fb4bc6bc9d4b381d1e93ed17a1c8d567c7e03f0d279856ffc4addd127c044b4987544966eaca1a8b90c8dabf73cb49a9468a2d04c208682

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f6cacd0f24de54f92bd81e16e327b9d

    SHA1

    206519e59d7fa47ee257891e83d325a7df5432f4

    SHA256

    81f615fb689ebc56347e8812578b0fb0e64395aafec1264b9e2d33350f1b9a47

    SHA512

    a117f652f1805aecfe813446b5e08d49a2444b482a95ba9fa45d9cb47f80b302c20e1d2eac0124224fae104fd0e2568aa822562ac6f734137f2543804a399962

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c73fb72e0d2a1cc5baef538f4f89863a

    SHA1

    fea9206a72d3bf9f7bb5104e004db1ccad751263

    SHA256

    e6a91dcaf270b48abff40586f79ef5c925bb5c45ffd4576a494f9b5972fd0c24

    SHA512

    235f05c732a27674a005fa6900b2f142f63c1ea8e67d489674c8ab610d03cb86c85469b1bfb711843a7578659619eef23a1d4e078b2c5a1774a7623932ebbc3f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6ddf5e54d64390272c80e2056e938fc0

    SHA1

    495b234f05dac4dfcce88f8117c4e351995fefeb

    SHA256

    f3e37abc2686c122ec9bcc39ad86ae372cac36d55bc82ad404e1c323ce1225c2

    SHA512

    bae4b2f3e3ab4cfe48eb14f4efae9e16163fd188fcbdded51eb027fbb4c55a588d576a8851f6a3b5fbfc7d51c0746912bd9de03fd86bc3d190ab6b55d7bdc441

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    08cce9c5ee9409ea1d27a2eb97f193d9

    SHA1

    26cdfa887da652b646d498622e86676e6f69662c

    SHA256

    2d2cb340f7d265466613aa76b29c8de0fbd97a07cbd1babce9152ffe3e423532

    SHA512

    0cc0dd1aa1ead879ec4e1a160156dc76e3dbf9de4f20f0cd3f2adde043529989271fea1ebb47161bad1c2a24b18f589458699b666e8caa543a8d50c609d22984

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    04e9d7cf94514d935ffae0d8799e70c0

    SHA1

    ce6d05b5acb4e46de5c35efc5a6d6dd375ecb860

    SHA256

    41a985565cba0ad7f25723e343315085c62c63c28ec79d6dd80ebf76436fcc14

    SHA512

    295f5eef5ce692699b24197e07e571a23f57e66069fc0bea2d6d9a70e3d6bcb3ab89746cbdd6e1d8b14996cd452ffedf0cbd7dc041a67df2b42971e6af25f5bd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD589.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD5FB.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit