Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

2ac5f710d7...8.html

windows7-x64

3

2ac5f710d7...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09/10/2024, 04:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2ac5f710d747ce3c2d3d2e9d232da92f_JaffaCakes118.html

  • Size

    9KB

  • MD5

    2ac5f710d747ce3c2d3d2e9d232da92f

  • SHA1

    4c67c6c70841ad9bb7907b61443de76e8e7fd99a

  • SHA256

    9bffd6b6d96f4298997fcd2e29508024406cede383d846e3f0bf31c357c4f511

  • SHA512

    56434914a9556c9802318b8715571eec147c2c483f77565afa36d04a00fa57cc84b3170ec5b8a3327fc1fe44acb5110126ab4d33ba0b0901b363933e066cb44e

  • SSDEEP

    192:H002Q6xr9HSoZ9+eofjtv+f6NYwNGpkEKhM2uqPxQxQGqa07:Ulxr9HSoTbyjtv+f6NBxfnPxQx58

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2ac5f710d747ce3c2d3d2e9d232da92f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2112
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2112 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2388

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    06bf85b7e4bbd29d994941eeba5ec68f

    SHA1

    187f0c341cbb3a3fe2962c8c680e6f20ae1cee1f

    SHA256

    7eea1060f188da1cb800f980207c2825dca08823672d9c4c65efd9f1012d2060

    SHA512

    8e20c3e62aa6f65e83a04db81df70e107407ef59e7a0414bb3b5ba879e24b4f3e5a36f0edefbe6ba91fff6f0e75f509bef22afdcdf1b26d913c76b737052d5cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e1bf30d7076e2fe5a2693a249f961137

    SHA1

    27db3d1169d1f49146ad1d6e274687f6e7423d57

    SHA256

    94b815b9aca3b6cdda0f4c9ac0f69e6d2712ff46806aa44ad454f7d5aeb8e79b

    SHA512

    9a75a50e164c79c95bc3d596d295f16fcc5d02b14af550f2cbe28083f36e22f046fa46885ef897c98722f93e8484cff1f9c4983432db327f59dec38854849f3c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a3da174b31eb50b9d6fa5b196c02cfbe

    SHA1

    bf26b01497142cec4022f9f288b1885d6d6729a4

    SHA256

    3cdc56c924243ea1546096882e584d4d71189b40c1a2e00208a447098340adb8

    SHA512

    a2b81cd2eb384072dda30faaa38b7dd60689f4b752668404f4fb7b87054ae7ba805a6c68569675f629c0e680c0c0414c5dd3ac7f47df980f1e4a42b7f424427e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bc2249b4966a23480e65e314c1d2b2c7

    SHA1

    f876e5cd0991b5652d5669ddc9a052750872993b

    SHA256

    cdf576e461c8f55be16bc4cc5815e80a6874ec64a2c54dd88298cf41ce89cd78

    SHA512

    86b47d602d2d47c988c5160cdc5faa212a2a3097dc9a6fce13fa5b7f1d31ebddc3332f3bbec3d2306bfd4be6372d230eb6e00181aac4bf66e1ec4e11ce923993

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    394cccff6e2cde5cbfa228b5c319695e

    SHA1

    db44c8f74fa5a8749fa0cad2fb71a2c2f4036654

    SHA256

    bf2f783eccafa19610325ffa83908bd0e29d198fd72c469785934b98c7e32865

    SHA512

    e67f58bec4a89f58654119d0644597d50de50ac5a147be3ecb7956f5051c705ebbf7bbb4ecc4a0eabf140acd753131c197b990461cc577cc61b9f1041be1b700

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d06c339eaa94eab19ecc31e4a5617615

    SHA1

    9d99bd1980ef94c1b0b8eec987193d57a1aa6201

    SHA256

    b746d005b8130e0ba03d538d68de5129cb247aa9344931d961cf75cd73cb0b2c

    SHA512

    ce9568591a17064031486594a1152fb6cc3d65d993c0c394f43a7369dd8eeac2ff0cf5ad06fdb5c3719cb1abadaadb59f9d674957d2fc26bf8b8455eba36e81c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f287e4306a067d622fd0b56208e2a34

    SHA1

    1e8a32d89b79bda38311fd779c5f73a84962aab8

    SHA256

    d7789ceb7cfd368646cfdb13dd60f597e8423f5758b54bff291c9a1d5bde601c

    SHA512

    88bbf4fcb630f297b604b8da875f0ca7b7ea34aa90cbdaf626f21b9f99f967420dd035827b9f8ad8e1cd15164f240603fe1ea5ddae19412bbc70fb4d73655841

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    31a908927dbae539d876c73a10072bd8

    SHA1

    b70fc9657580c179836144264037aba4d3c21c0d

    SHA256

    0289d09f1f88917dcee44c45a891a3af7259905dec31c728efd0d2db2e292acf

    SHA512

    d0b63459305ae4681a2f2b24fe072bfe083112070a121c64bc1b5a9f0bd60ac0c055bef35400f0f69a80783fc732ec5ec87e3df4e42dac644a4b8042f7fb2a32

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f67c7fa78f3c2e60d499e6c6a5b1ad0d

    SHA1

    443108587a59e89e435ff6a91bfb079a0fded956

    SHA256

    b3d663efdd04e06ee8c8a025c30f2efe9283a317d5aa37a23c2d948bfb7b12dd

    SHA512

    ce9ab1a6940cd9a8a6c370712952a085cd4bcffed56dc85cfcaad66d84a616e63e3ffc7001bfb60765122716bff58589c1562deedf84004f5551cf63a165db78

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b9032107aa282b7f983a00164368a552

    SHA1

    23ba54ad4da8e06afb12ae4f6fc87b5967d9dbe5

    SHA256

    b3d153db3df6e290e8eeace22e8f1f69de79a3adf3529f4e449dd16e7a6881ff

    SHA512

    3a9106feccec5f5cc533d0a1c702a21e35732e6760c6e674cac5664a894a767d90a337a436ee628a5472bf38a1e8ab42a749d30d6aa7b96c76bda7c849bd34be

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD29D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD494.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit