Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

3f1961f01d...8.html

windows7-x64

3

3f1961f01d...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    145s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13/10/2024, 09:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3f1961f01d06defa4a2f1363f66bb8b9_JaffaCakes118.html

  • Size

    72KB

  • MD5

    3f1961f01d06defa4a2f1363f66bb8b9

  • SHA1

    1d46d8e56b0c27ebd29a87610d8f900aa38b7313

  • SHA256

    0a8adba12a647fce563d0b689895f96f01ad4e7efca7a5f6e6a8c9c67cba5717

  • SHA512

    f25032ed96e185eec84fa23eee5b65a2c03f02b3035750412f75d2a3a3413182b7b8c427c5ff2b5e8feab357370f886c0eac4aa8e9ad6e00b8dc502a0dc8dc57

  • SSDEEP

    1536:WUaYqKkEg/+1dteyOMsbhY3MS/hBuq1FBEhiF2zc5szS5vvQwVeRjVUDDx2rvFZI:mMg/+1dteybduq1ieCc5szSdvQbLFHe

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3f1961f01d06defa4a2f1363f66bb8b9_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2076
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2076 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2164

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199
    Filesize

    854B

    MD5

    e935bc5762068caf3e24a2683b1b8a88

    SHA1

    82b70eb774c0756837fe8d7acbfeec05ecbf5463

    SHA256

    a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d

    SHA512

    bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    be932793a762d727406ba07989ecc724

    SHA1

    6450afe4d6f4bf1051e375030de4c58cc2135ca2

    SHA256

    9b71c20163b660a1c5df3da699931748bbef85cedf3e8c8be8eeba4724bbf069

    SHA512

    a625a81c44d48678def4e083d0dbf4bbaf6714f14b49c004a3b09225343cd66ee4cc53c53bd8d4073078d97cb6989961fd2371b4b3f9313cf692368d238ff501

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    410B

    MD5

    17d6ad2c55cbd6d5fd62ad139de79b70

    SHA1

    271f44501fb98ac018a76c791aa41f51225348d5

    SHA256

    ab819a468031f2e3053323af1c35d4b52cb8bcb79a28a126d92d8598a1bcd3f4

    SHA512

    1f789009af414435c6ea8a7ee0a8df2090bea91769b1b91cb62bf988645b0c72a067a243527a7a894da22d25b76e270d3771fe281744cc5235f7585e8a38dd11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    410B

    MD5

    8e7cc30692abebf9ba384c39bff6b43e

    SHA1

    a93723606888040c892b501dd727b2df90575ab8

    SHA256

    6a8dc1f6e866980d9b061d8906daa258d05ddef823e7a876c0ba74e3f45920e7

    SHA512

    aaa72181e4ae95f92b21b27f74da7185d60664d0cb5ee3f7e66a881896f6e3476a879478a7530a426895dc15930f0c9a65e96188a0c7f333269da04b085a2cd1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a9cc5296f24a8481426f99f576ee9f30

    SHA1

    c54fb60f9a1f1bd639f7b8d6cf9eb685e11a397f

    SHA256

    8d1c8e8dc2b2bf01af9e4ca2a3993b592a296331f7439131265cdf842c364d0a

    SHA512

    d621292ba1fbbf69bce890f4027502614f999de90ff981a9c2006402d8068ba9d890024fb1f20be5e84ff038e3d33484dc7cf432fcb9d83f03b2691130b3ea7f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    81dc824b21499510556487a1e3a82aa8

    SHA1

    923d43c686c90cca47174cec2e0bf3cd1f8f4614

    SHA256

    81be68c9cabf55d473ecb5c0ad05ea6a02c65f426dce9866fcfd25833f1e3ce5

    SHA512

    182162afe83b346034c0d11566dc34463d474d46ae65f31c72002ac0aa2605aedf85aa03218de3917c423f6ba6918f2af69ebe4cf6d767a77d941a8534bd161f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ca6916cf727409d9804e1cbc2f3c62ca

    SHA1

    c73b5439889cce3fe49c1b7e1a10151ef27d07da

    SHA256

    7b0eab48376dba1039937652c3ad36f9acc0fba847213e1c89288b8a50d9adbd

    SHA512

    23e25bf6959c184457aef2311fd7f1b5f4fba8ec54d567f352ceeaf4e1f232a58e929a64d1c267c4b976ba50d824e31ffa327375e5451df17963d3022c5576c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3f97da7f8937464aa8fc0749ae80ef3b

    SHA1

    80c6fae0f02a4c9e5d02550e5a4c24400abd1bc5

    SHA256

    76503e83cf712beda08db6a33f98eb589b818475f59945c35228d73f3cb0a335

    SHA512

    0174c967680f83239130d4bc258975c928145a90b3b8b76ed9cfa6027180ec37d2d91bf9b38024576153de5e627946974acad70b6fda16ee56fa5c619855d338

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7e8e75a2c29c9bb5c1abe4bede69186c

    SHA1

    fbdf4c4d4fb8163bdbf035a12be89d4b2f86f098

    SHA256

    b3af7bec1f481e7921493697aa749e6812938f35a73af74c7e4fac32c49dde82

    SHA512

    07964869f84d738ce1863f9e5aac27676b8dc081ef8bab92dbfbbdaec99c5f89d75f1b85a8d0639b64adf7657670d7dbbf0c65cf2ab936d4ca482789dc969a20

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4bd5da499071e66d5b30cdaacedb084c

    SHA1

    c508dfd65e6c5f60d7bb710735c137de18df377b

    SHA256

    881a495d9b325ab0a67446028568d76fe0e381aa3f8843b1f74a88c879a5cf2b

    SHA512

    26611fb0770b6031db577320ff815a351c65977044dd5f5e61aa30db6c0db3b903dbe63484f0a79060aefef9f26e1f94b347ce84184b57ab3f61b1b1063b7f0d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    227b15a704460fb8f2fe882e25ab700b

    SHA1

    63b6736fb99778e31733e821b477a97d0d0c52c6

    SHA256

    c56b197eb9da7e3202257ff210c15d4531c7cd9c67c9cb351e517b61c78e26c4

    SHA512

    8e88d261505a5ad81b29e46f860ed790e622d042db9b44188be1a16c733f01da779b4a454317b54ae30ddadd3beab4086ceae7246c91e96219e124a734343901

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    975d9d9408c5991fea6e2e6397d82c09

    SHA1

    66befcb99f665aa264f8bacd741f81adacbccd5e

    SHA256

    2a9863e50a31d62c0b3ee998152468e68bd95820e38a558257eeaf7acfb437b2

    SHA512

    09bc17a005dd6c73a814c0f5346cc8c7dff77e2dc81479798f1c3890ba6ac5e2f9deef37b2fc8e5218c034417ed058911e383cdffd327bdd14efb84d084222f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e6058306a561d37b01f806de6d8ddf23

    SHA1

    10e8db5b6b4e9085c85031b9876a76988a73f433

    SHA256

    4d64981b62b48dd2ed08796652db1eea7264fc41244b9fe9c6fa43ece0c3d4ee

    SHA512

    e65e808a751b46ae51b777a51b7722ba46472d10ae5b485dabb0e800f1dcab748f531ae5c4afe1308d097576b77a4776b1d0a7d86ee241c38da1ae76df645d71

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c95456c479230833d6be2a756257b836

    SHA1

    b3efcbc5bd8862b1d30ea7af0e9ba7ffcd579c26

    SHA256

    cb8be8e02f670a45ca1e916c5c8db37fb6d3595719c45b91ea2e3d70f78f79f9

    SHA512

    151df453f725f0fb5a9002125feca7df75484efc0a0186eef8f28552d5d3fbd57f8f98cc9f7c2ceaba73b755fed3ed14d38d186ab6c247c3719365bd52239de8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    07a65e09da79caa8a1f69ecd430dc9f2

    SHA1

    f52173719a2c19773babe52debea1f8cb8027eee

    SHA256

    5065d10acf60ca99fc90cb934c06c385b5927effdc04d75db8375a8f007e4323

    SHA512

    9a34c48d2ed3f78c3ce99dfb1cdca72f173fe7221104c6c85fcf6cd3555d98039985a5816baa25cbefd1dd873e8b8f8ecdfe600ddb1ded42b06b2bd91fc257f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    691361a0d0a427e77dcaea530cd2d8be

    SHA1

    c93394e018ad0c7b4e4e25c2793070b887aa5f1e

    SHA256

    6a61e64d8629c597ef62412b7d4bb8bc6d833839800f6ea62cf195abeeae519d

    SHA512

    c7f004db3fe2dab2948bdbe0f1e7cc48870dd01fbf2f6b8ce7768bbe0b4a3536b8c912bdfae30078fba83665c08390a0e4e6faa7de1d07d5a4a0bcfe142e45d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    3202552e447ba99322871327d60197c7

    SHA1

    9d4dfc0d316926ef261bcff18580e449c5335122

    SHA256

    647aedebe3e019162dd4c36112c5fb6a4cb60ddccd018e3863e3ae5c40a4ab2b

    SHA512

    c2769144c57b37042ce3e0e200217248ce404c7d87b7e29034c9716b9075310d1f38f80d3465576935a37f042bfd3d8e60ba7f932cd9742f98e0b1d1a925994f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7CNUR30T\cb=gapi[1].js
    Filesize

    66KB

    MD5

    aa012028297a26c039c37ab25a4bd17a

    SHA1

    25f23d01b5f580c00778e1c010225e5b8c73b66c

    SHA256

    55cd2316edf7159b623e4ec2c9e3a334027c01e2d1cc386f833ebcd35ed87b38

    SHA512

    d346eb082674fc26d562da9a12f36ad2cc7db1f1b35c891a8734284cf1bd052a967137c1281982070688b2bb2e06c7f4967d1c9397311a31a11a8560b9c45fd5

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EOYL2MRI\rpc_shindig_random[1].js
    Filesize

    14KB

    MD5

    ec0bde1b421dbb2f9de32fdb220daff2

    SHA1

    aa4273e506ed0a091e4b8177aaf75d9b2332f240

    SHA256

    e55ea0525dd518ad7afd157a24687cf658a9c2a4c627a7e2bf89830e23c39a1d

    SHA512

    84f1d9de515f7cacd66dade5e2fe49ca3fdf63501515e5cf0caf82e34afe07bf45351d2920e8bc2010ba52fcbb9ea96609fbed57079c4bd2406cfd527ee57e60

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M4TQDAHL\2254111616-postmessagerelay[1].js
    Filesize

    10KB

    MD5

    c264799bac4a96a4cd63eb09f0476a74

    SHA1

    d8a1077bf625dac9611a37bfb4e6c0cd07978f4c

    SHA256

    17dce4003e6a3d958bb8307bffa9c195694881f549943a7bdb2769b082f9326d

    SHA512

    6acd83dfd3db93f1f999d524b8828b64c8c0731567c3c0b8a77c6ddcf03d0e74ee20d23171e6ceac0c9f099dce03f8e5d68e78c374da2c055973f6ac2db4e4f9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDCD9.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE96A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit