Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

40f29313aa...8.html

windows7-x64

3

40f29313aa...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13/10/2024, 16:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    40f29313aae5774572d9fdfb156285f9_JaffaCakes118.html

  • Size

    23KB

  • MD5

    40f29313aae5774572d9fdfb156285f9

  • SHA1

    2eaaee11dabcc9ee3169d8a7241d567e2133b411

  • SHA256

    6de11922e163b777a2a5378a2b3c251f3b7923d83d04b0aa6719e7c18889e684

  • SHA512

    992a6aad5f966087442cfc770db3f9570a773bd26a45058dfc9990e60b156d31e88c9bbee22dbc2cdf90718141bb2cb8b0cfb616818a80cc6a047016483cbdd6

  • SSDEEP

    384:C1lIcetD41vGTHJ7DeKUbGn6Z8ja/gRamzguLZ:wd8j4gQ6xLZ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\40f29313aae5774572d9fdfb156285f9_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2148
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2148 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2816

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    02e23359e2f0acff4fb7f3d745c4dc7b

    SHA1

    0688a0c3d26cc94f6e678ee8a2defc4b912a8b36

    SHA256

    597ec4f768e166698a3643d75413f6d41cc97d8a0191b1250704b6894c36b64d

    SHA512

    4e662649b221a945fd1a70166faecdc958489844f85ad32cd9e456decfc92ffa06e49d3de3d78bbc8a24a3fb8fca87eaf7714cc2cf8c8d8c034d3d977e70cf31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e3458b6657c8ff2cb0fecfc2db30f5d8

    SHA1

    565411b714fcee557195a847b1a081638e28ba23

    SHA256

    b676105a75becb4b3dda1f5b7539b2b1ef222c8fb38eb6cfc5b582712b8c2513

    SHA512

    866046e62c4bc10b53e827f67301fdedee5a447874252eae6ffbfe66d8242279c75cf18fdc81badce9c127efa6fd46e80a0fd6ce145cb2077295a9e164f7ce8b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e87975f0ba88e207e462edf8d8253261

    SHA1

    acdab31cf67e38f0195c8790cd93aaaa8a87ce7a

    SHA256

    8c9196f8639117e688c8b37460eeeec63c19ae0da788070a6357c56e290db706

    SHA512

    c7d7c6b0ad748f736184092e76cc2b0fbfd5217a6490d98b180efc87a8c68adf6bf195cefa4f78f514ccf031f82e865e6bab38a77ad8661d4e73c95d16b0e8c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c072888fb28af857d41578bc67cec2f4

    SHA1

    3a1c968ad35ff36a1536a58af0ac13dcef418cd8

    SHA256

    033f233e7aa291f0f885c9cc41b52d936a816750bd0f6296e916485433741c28

    SHA512

    c1ef20dee8f4083db00836c589d2ae8b972aec173a39236fe97f480814d9c00e7d8ad78a22e1d41e41baf8beacdd4ff586276fd48fa67cc10db918aba71e0ead

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b0a43d0de249ea981b4eb9a46b8b98a2

    SHA1

    3e1ec05c0b49f4c70654623ba4bdc36b5b03de73

    SHA256

    1179032a1b19c138cad804266a24cea4b1a0f6cf4aa3b782807bd54cc4007c63

    SHA512

    2a78638bf2b5509343ee62601adb653a6d744767f49b474e47edf0cde6e3baa8fdba4fe49fe7d340b3faca14d7c8a71e8f75bb3efe1b88f075220ebe26e000a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3fe145873dab81bb83b6855ea63dde25

    SHA1

    647d0bfd2c0b394893f83364fb37c87ee28bca3a

    SHA256

    6ecd6c7ba19e8b0f4414c4ee1726f393fd57f9313cf4a0da5b5245c8c90ad8dd

    SHA512

    ce5cb151d4a70f98451ab7c317812fc8dd79885e511756b3cf5e579705173747260b508ea7d8ef2db1be00a9c6b02b13d84eda5278053e2949f0653a293f94b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4f7648e13550411e9f6d84cc633df3af

    SHA1

    b57d8f1ce6a3ea08066b8e2ac52a2a38980603ed

    SHA256

    1a73436e229c5b7636a41c40c540015ee6a0e54afe6824c3893aed9803cfc9bc

    SHA512

    cd17c7af648fd7f2433293bd813b25f645270b6860620a8deb84d244c5d877f97ec04d09e1cfee1c96b17e200bb7c952e857725b3bd391aa967ea231a07873e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad3caa85bb6d1d27b97d26451da13b45

    SHA1

    25eda65ab514916ef2fea12013f96bd12c31d52d

    SHA256

    ea5983e2192cb04a4f45f238d1c4381bd4584e0f8d01c82e81b32ae15037e600

    SHA512

    30d55f7a7b58ef0b4a791264a448a14f3c31f926cab261bfdb5d37e583abc4b3639c3cf080e89e27a3fd350d5798cd0eb9648ba38ded0d4b02b2efcbfd6bf212

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5e2cb8576e79958fc9cc9b01b845d710

    SHA1

    810388bded29be04581c8e015ce9e2860d1913c9

    SHA256

    7ff0c08d55d040a62993a61b92b04d79c2d6133f12a2d4201d7812492a73d6f2

    SHA512

    4548223aa06d7c4d5f6243b77bbe95f256eca8846339e312960e1046efa3c961c61932c81258889dcd87e844bfb8949e7a5de3b522732a42f2923b862618be46

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabEB4B.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1328.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit