Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

36a64ef65f...8.html

windows7-x64

3

36a64ef65f...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    11/10/2024, 20:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    36a64ef65fdcc3482787dd86fbb51a91_JaffaCakes118.html

  • Size

    214KB

  • MD5

    36a64ef65fdcc3482787dd86fbb51a91

  • SHA1

    c74210e09cce960f010e6527598e85eb1ba79e63

  • SHA256

    a59a787f11e490cef0e91bd5cd27a6702c4b3d37e9ba7497ebb99867ea2afb9c

  • SHA512

    68bb52a65d88381e5da4ce3fabccae837d4719bda4b512a7f80dda7a19773b1ae7fc17c59076ffd1e8a6216dd8f28601bc54fc4b1dc6b5eb305e3142332704ef

  • SSDEEP

    3072:ArhB9CyHxX7Be7iAvtLPbAwuBNKifXTJm:Yz9VxLY7iAVLTBQJlm

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\36a64ef65fdcc3482787dd86fbb51a91_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1736
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1736 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1456

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24da4264cfc908bf4e178ee162790dc5

    SHA1

    30d880a9263b3b3e612559d2f9341530a6f07024

    SHA256

    04eccecc03c28df8b1f7d8dfd8d7ca5176841097618b92070b13b922ed682b0e

    SHA512

    e2a308927789ebe5f8872fa9658478e09a8221fdba1b77cf9c1d866b50cc743d2998d8584ec99d327a0ac67312c565d4206656bf7fff2d30a43ba1d41a1e7837

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    76badac483ad2022cf3e4134f24d82c0

    SHA1

    bd4563432d41a82f7c743acf8bd41bbe80a25cb1

    SHA256

    d2c5871a0e9760572ad172fec132a32f6c93e45470028bd26be2ab50c84c8219

    SHA512

    3341917d49b76267c27e9777558c4643a74f4b55b664605f4f2fa4eca73a3a34f342f0668e0284e2395661e4040fd60a0e75b210305f128da52803d835afe8c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8912659609d7ade834f47a9759e63b01

    SHA1

    1f249c926e642e2926a822accb48c993fe1a6049

    SHA256

    3388ac9888a18732f3f6781c85aa612b478b067ceae4ed8e5107d26b6c3e3ba7

    SHA512

    ff480ccc3580072f7b08c704933191c834188593c6730c5b274ab7713547e228df2fe6c8507fb44f99bce97ba88e12a765ef2f98749e85815a530c34db2bcb9b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    62be477ad023a139c1bb51496503da10

    SHA1

    d462939dc2053936308566163f72dff140949b33

    SHA256

    c7cc363d2cab4ad7590f5470cc2480defbe3217a9e5490b2a0f0fe0131e8f4cf

    SHA512

    198ccd501c2d769da320f5a94bef9159d39671b2218918b47542b9332527ac1c7433d142b1feae0127cf75a1cef0985549e7b4d9678e388ae2c9ca48cf641950

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d6f717f9852f70c9a19a2a87f4fc068a

    SHA1

    7daf6a5f30474b6d779f8d2d75905d8153cec488

    SHA256

    46cf5b39c39dd4b52ce53d4caaf2423eb1da343896962a6748f6ffbb6492d2b2

    SHA512

    d3705d6d8a2c0f7f9db5bd77f77862fdf839809328fe1615c9c395151bc042c044360ad2fc52ec4b6147d6461f5fd366500f9b5b189313c82f820461b74ea5f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    36d568065ee2e19fcc8cd7926638c28b

    SHA1

    adb6869881ede4941a27445e028a4680281d831e

    SHA256

    d3df6c9cfacde1c4bf23fc7346c9e18426f16dea12ec53035aa8a04a95842855

    SHA512

    2bcc699deba74af9c508e4e4687ea52d6cb20ea4b83e2ee2f49fd948f182a71fd5c83664da6e3179c7f7367a5754fb0e9a8126238e818bb02b0b57b293c92fcd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    37742bd2006f809dab7d98c99aee7947

    SHA1

    03e1b50b2f38863f24081f7aee4d7c75ec9e7fbb

    SHA256

    ebcc8f6ff411403b1f7a5fba64ef88f2012b9966e4c381720e71c03a697f1283

    SHA512

    9e496173891877e77b0c6fa7985eb38c3ce6bce33f5ca3c2f8fce8e9535ca77dbf37e0461bd48e537eaf148185581ffcbe74496c896aad6acdfe473fba7c5687

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d89abb5545d05e83041a5a987f676dad

    SHA1

    60aafd0ee78ace85f22efe610bd3292fe038e918

    SHA256

    4162c25f8e3b928a038e341f7e6753cefb31ebfdcddcc4bdc0422105d08a6aeb

    SHA512

    1c3fec968dd0a5927ace24c50636a935117673827f463d3fadea49d50fed46a3e9f85459da9588362c762e9da1b1b0e9f3e514da1887b8867244909b3533974c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8476c868e1c9537194e03cb7aea534d8

    SHA1

    377bbc9eb716acdc89b73c4f7b787404d6b5f00c

    SHA256

    df00b6ba11de6f5ecf9dff2242459dac64214f8dd7a3c5027e54261b3af382bf

    SHA512

    63243d1607f69f5246f178259a369860ff71a953b8519bfb4aa642c9f4b2b8ab453c5944cd7a6c39f1dda1884c7c8385a6f9e5443ea2ecafea3f23bfd89c109d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab9CED.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9DAB.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit