Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

3ab9070c0b...8.html

windows7-x64

3

3ab9070c0b...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    12/10/2024, 15:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3ab9070c0b2286eb43f2ade762acb33d_JaffaCakes118.html

  • Size

    139KB

  • MD5

    3ab9070c0b2286eb43f2ade762acb33d

  • SHA1

    edc4a7418eee62cb3b746ac3110d2af9d6489ef2

  • SHA256

    08f2ef8ed2b80e85244212a38ae6692caf91cd1d76076a14c8e453830af2eab5

  • SHA512

    b3d2181c672b86bbcf5692db3116a084b8e4892a8989b7c51712af73cda761728cbd575a3998a524fd2c643482af011b473ae038acd6a1675681d9dfae31043a

  • SSDEEP

    1536:SuIRoiE35IF2ljyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrk:SuIsyfkMY+BES09JXAnyrZalI+YQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3ab9070c0b2286eb43f2ade762acb33d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2096
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2096 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1960

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9bda984baa40f99b2efbbb1959e2d8bc

    SHA1

    ae3f26be04d8fe3e2c6447c504f9c809d9832a33

    SHA256

    beef68e4d45c3fce4f40e21999ea5e7558bd8d17d313248d3e8e459d92e86ba3

    SHA512

    a9d3c7d24f7605d3bc5fb9cb4c4eda236c08b0c90dd2c6a3f5cdd3f6fae90ae70242c2858c2ed0e31c5231742f601664a3732e6a903381611a124b100ee2a606

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7671e531bf8f3269581547e2c1663979

    SHA1

    9cc7beac571408618e2cf4f92a83d9a44cce45af

    SHA256

    16304dc3b2606b25fd42e5d68931033cab07c0766c6e70d9651607d58208e758

    SHA512

    45380130987fe4a50d5039a9f8bf0f2ba54913e1a0978e0b134c020e062103a165c1846cfec16fa77d670825b1c61291d73a2df96d507dc26898e796012c8af1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    acbae27a5729b99ba1b677036c57023d

    SHA1

    407f0233104a374105f4b243d6d40427d53c24ff

    SHA256

    00947b7cd567b33f6803fef0cbfdc6969d400a74f6d9d7480db6ac49e982462f

    SHA512

    682133e4817145ab535f4b32586af12e90f7244332eb6b2fd22b9919793d5e7010292001239254649e440680dd4cdc1c89fa0024108fef94809928c3023ac6d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bbc90485db31a39a0506840e313eae2a

    SHA1

    f34075c7983ecf1a386a90c66eb5bb5c10afd096

    SHA256

    3f130052cc3fc4eea25bc156884003c69184b23ec294fd35983a590757ca5a3f

    SHA512

    126b9ca30d86b8d1a900eb1b471c1a1b3a01265828b4ba836b84de916040f291b8c5a00e024aa36de74497c754dfa97aa0c586e68a7b6995a0a84a809d601832

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4de638eea1a15424b06d56ec06a76da5

    SHA1

    d6a7f9666cb2735edde2c9b1399785c5f0be6514

    SHA256

    c62eb485f062eb3b27a1c7490896c09e6798071e43a2a7382807325306a2a635

    SHA512

    7eb1710130e8e5b3d59f9cd1b2205aff92e980cfdf48db6e4e8d709b29572db8973a4b510fa47c9650e3229472dc5afffb8888aa82c84324e4370e772ce33949

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2c28ca1496c7c0b8b954424bf7d422d5

    SHA1

    72c769713b8e912326a3919ee088f181a61be071

    SHA256

    d83e818ac2c59634040d78877164e62be3a5ab72adf2486920d29867aa9514ee

    SHA512

    7ff1ae032681645d36760acb0e4c7c2c9a961cc5c1a4812077ec5692e82f25cc7d459633e0f0f82d76797afcfa6ebc0830aa03af3c85730f821643e41c3546bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7e6882e7e450254f63cac5e98d450c34

    SHA1

    1174db2e895c125349a0aed38f5633624ed5fa83

    SHA256

    213ccf3b702a6c88c610f1957d9ba1a99b815c4351f997ea3a6906a3cf944af9

    SHA512

    8949700a828597e9b1023e9570bcb7e6f3e548137bd9602dc2a96602bf5941f506dd6471950edde215b7945a54cabb0fef2388b934ed476a7bcd1ba1f84562d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66398b726cb238e9cd0ec20b2df17e81

    SHA1

    18e1098c819e329f0a99388c8d04352a357d92d9

    SHA256

    15fc3caf7e72e1f3bc0d5e1240e5b64b6a644c2cfe2aac35a6aa97f8e23c7cce

    SHA512

    7761bd4653f8349cbdcccae43d38c5e3ff1d3e89c775cf98d1ed18394b739fc5dcff894a127aae224612b885fdb4f1fcfeedd719a34beb04d82e55c349c64428

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBB06.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarBF9C.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit