Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

36fe6e7bff...8.html

windows7-x64

3

36fe6e7bff...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    11/10/2024, 21:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    36fe6e7bffc50919dd13ffd7978ea311_JaffaCakes118.html

  • Size

    53KB

  • MD5

    36fe6e7bffc50919dd13ffd7978ea311

  • SHA1

    1369657bb4d12245fb55addadd919479b7d7d71b

  • SHA256

    7025403972429f95d5596ad75b1e379a767135f08e77a8e7c84731b42118365b

  • SHA512

    bd0141ebb22bbe1400abdb051436eaa7b4206a15786a3ebba690e5ceab8d6d540a44bc7878153506e8b62ed7b251283ec9776e4d1fd54f5526d5a9fd161e232d

  • SSDEEP

    1536:CkgUiIakTqGivi+PyUZrunlYw63Nj+q5VyvR0w2AzTICbbco5/t9M/dNwIUTDmDH:CkgUiIakTqGivi+PyUZrunlYw63Nj+qP

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\36fe6e7bffc50919dd13ffd7978ea311_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2524
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2524 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2428

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d57e37f7d0f6024f5353f884143f4c1e

    SHA1

    5550994eb6dd824ae1932e8f8fce5fe711340e06

    SHA256

    9a7d311da79f2c3fa61d36b300b0f9eea48e8e75ecde3be82108df52c70b8c5d

    SHA512

    5b5f53a465017a982d043ba2eaf4e6c156de25a087b4fa33a6e5132d6c189187457b150991ad39a00d3aa7f0c626fdfe78d2dad09b9dd9d716c70f7abd443afe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    994671589768c2b4876df867bd6b7ece

    SHA1

    33b3c6c194dca67a720a2fae103a49b5eccd4f02

    SHA256

    6e3dc29aeff99088f939496dd70897426f983ac376d0f9928b51d342c9350ae0

    SHA512

    7ca0ca7545f75ba9ddc36ac737ec7b5aa9b114d0106e88bf8e68aeaf976a40b7c56cbbdacc3a7300c896799ba8bd1e852f70f8b43783c8f6c4cd3aa12b98ea27

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2238ed78255c69a3808aad8b75c11f11

    SHA1

    e41862a4b700b3d1a398c31e0cba5eeafbd3afa0

    SHA256

    a99fa0b409e759264e4f1d0fe5c453b68f678f10c837750005f37df88e48924f

    SHA512

    1564017477fc761d12293d484560d2e7d6fc10069fb6bbb54b4334c79334c83bda17ab55ed19ba66a8698063a6bd63b290dd3e27c6f8caca186b96d8c44085b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dc54dd8d8498ce86bf6c2d53398b3ce5

    SHA1

    a91254f7ccd163304658935cef7d16d7370d39b2

    SHA256

    d0b77c56cecc9b96024f658f4b4aa9f088e89537c29e53d3f2bd905c60b014ae

    SHA512

    52d4ffc4ad7751e5a044755a49f3b020204e97037cf10c25dc03c7464200403613661461840c9400ad0e3b8db44bcd1401e33704271262e186d5cc710ce34b55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4c77faf17dfe3748e8a60437dbf65609

    SHA1

    0a9b00a8f67b6697c2245b9d495aa9f8494114e2

    SHA256

    9b6aa521e4244347c46ef0f8e011062603794e4e5054a4e62223b7bdbce5e09c

    SHA512

    6660d1f0f518d94bb56c007cc59eb7491063a4b9bfe04e162bfa9ea3b32d70eb9df6c79308c3caec83eeb475b61754de1a774b5169016a17c7d2a448dae96e1e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9ea2620641aa3f0118113f7a92741704

    SHA1

    8025da9e56e17981042d0b53d52124c5f148500d

    SHA256

    c00115d236b9d3d9e36c9a413e45795a7534a542feb3d3d2a940e4420f3844a9

    SHA512

    badd8f0873e7f4cbd4cd57b1d2f2ad4b7ab9f8ba49992099a22bb4b2d8e613468fc48347204aa43760db324842a2956888a0995b3c751a82a1459d69cd3dd8a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    43bd59d7e863ad2452e4f285dd048aa7

    SHA1

    ad28f67f346c2aea76c06b4bbb212dc7c925c37e

    SHA256

    da5eaca4e1caca9783a42c3166801133f473f0da80463876ba1d760ef2466d2e

    SHA512

    d6561da416b433c17f7fed1c7bdfc86bcd66f536c8473a10e0aacb8cf499fb4bc4741b1175e272617c296fb981be3f42dec89583244b17bed80284b895b3c475

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a7902c3c8f73a8f8d84a8ee65f3033a2

    SHA1

    18f186f353e814f0de2ba13ac32dd7c87439ce8f

    SHA256

    763c6fdfcf40763e76588ad56f2badb2a7186c56120580a357c1f64f203d422b

    SHA512

    0c9a7ed59db4d9582e79898405192626c8cace9546b8366ab04a6928f88eb8fa157ffa82f8ee9e1737de2a2e367c60462c5f7cbea241fda27ac576cb113c80b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7817f3bc93be9c7fd478d63dc688eb6c

    SHA1

    9f873c37873b95f7466bc91df5268b101b027112

    SHA256

    2b2316ddfba47deb0c69799f17c3d62f9eed5de0f76b0b2aa501a33913996806

    SHA512

    2ee4a630dd386af867eac3578742152a10f96569255a7f9e002e729e604c2e0c5e8db2cedb7d7a59ce3737dd223f2777b228463bd2132c54d72118238b113e39

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    97546059b333d6d107ccef4f8160fb9a

    SHA1

    0b4457bf9b362c46b4c93a15132ea060578cafce

    SHA256

    ca6cd3135ca37951424435cdeb7246e21d4d1a49708da679cf2b501ce5260be3

    SHA512

    084d61503d8c6ec63a7840b76777a45faccb1f11a4211838c5a2b2a480a0f151b52349677fa83b5cd47f46ec0423b8477b53b2d3e16efd00d13cb0381e2e3c26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    130e6fa12138a3086af6e4fa913b836f

    SHA1

    d8164a76f51ec7db6c836ac73d5a0491c44dd434

    SHA256

    8ad3e5194867c787fab39610e92c98dc0e07a2ada4c6f18d192e12c3cc419913

    SHA512

    6401c259ccca0c979be393027c1d45cdf658976a8b0801290d5dd5575fbd0109ad4c7006b10c57cd867934beb25e1086073090e0bd2db8b65ff95771c43aadbf

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K3VL8XEP\upshrink[1].htm
    Filesize

    706B

    MD5

    67f3a5933c17b3ab044826d3927d0ba9

    SHA1

    5957076d09bacaa6db8ddc832b4fd87ed8f05f8a

    SHA256

    97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64

    SHA512

    03ba224055ffdbf32b7eea30c764dc18d66cc6d8707dc5fafab74e155b0bb3d4d691c5788b033a68f05299547297125122778fa7e3252f93e7343d918936643e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC063.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC0C6.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit