Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

4165212bba...8.html

windows7-x64

3

4165212bba...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13/10/2024, 18:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4165212bba40c395f58528b52309bf38_JaffaCakes118.html

  • Size

    12KB

  • MD5

    4165212bba40c395f58528b52309bf38

  • SHA1

    c4562aa3ed267fcf56fbde31236ee3fdb4ab42f1

  • SHA256

    7f6cbbf00e67c732a5fc21eb445088ac6533398f5e8120f0550478446b7a7b42

  • SHA512

    5eb80ba93180836e32431b8f3d78fe0304dbff57fe5bd7c3b5c45b97a61b1ed332deab10b0cf828e5c68ca683eda288539a25caaf12bf5792368d63dbc28a7bf

  • SSDEEP

    384:sxlIcPVbjjA/guBBaZCn275CJ0ImzguLZ:JgpAR6xLZ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\4165212bba40c395f58528b52309bf38_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2060
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2060 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2500

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    74d541f889d85d497ab92c73ca22b8d3

    SHA1

    cb8aa6423ee8d5e3688c2d7e003e2ec776e8fdc6

    SHA256

    92d99eee27d68edeb3773c7e5c2e7256af663fcceee36ee3aa2c318a896032fc

    SHA512

    7f3f9462a37b8a268aff964dd32722922ca136bb4f431dba72b782a03ef16d3acfb11059b23518b18a0cdd1dce3d7f28a61f15b37627ff55c15fe6fd149a4a65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    305ac964211a0c8b0ba2e41f284504c5

    SHA1

    2b18e9de7d9961155d0c84b412a870f8c65a8ac9

    SHA256

    5ea87ca41125dbfe319e6c482fbe0298f408e957d693f3ae0c368ef678d5b6b3

    SHA512

    3c42647dc1a0160c15f87c60a2aecb3620a98b37d16b5716a4c3995999adcce6771f6350e4da3fd2694716ab744c0e5ccc979c588273ccc420ebaa769f9b9ccd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    07a6e30e517c924f98afcb14d56224e1

    SHA1

    786d5f8b62d8becb215c06b5b204f7024d1e19f6

    SHA256

    5868fb8f094523fb53490a266eecd608ff601de83fae258f9322acc06ec9ef99

    SHA512

    2ab100d474a23bd546aebcbfaed9ed18ac7255d9622d3dbed341f5a4ba55d3a1e3e289bd5c650334783d4d350d375cbd7e77d82e951544ea01529d61ca898320

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6654ee1388e46c2b400f39956e8e5b7e

    SHA1

    cc1f322a36c3efaafeaad0a0ba1c94ff5586cd75

    SHA256

    5ba1967b33d56a6c715a816c085e9a2b33fe2558f83599b04153b7540f65fed9

    SHA512

    6826bcf2050f007868d0a474a062a269332d7b1562811c489dd8912e7330ac6e2c5ed25255bcbff6596cdd09d6bb34748793f63bad37051ef742fc05ee10cf34

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b975fa74f4e96993f447001ade84a90

    SHA1

    4ede9d02daac5d1a860570f74551427a7f9b60a4

    SHA256

    a28b354aff88ddd245452958fd352e052bdc31c0c90ec098cce6c7dac217a161

    SHA512

    f573093527925bf777bfc41923b5da9ac4309d1aab9f57677b6103da4cf8feddab6b15ae80fcc1fae684928585367fdd33c9b98534305f8ff997464543a13cd9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa3611c6cd7948e5952c5168ee15bfc4

    SHA1

    020c707b4e3737aec397eef236110835b1ffde88

    SHA256

    4bfec4c86c902bb9305d1ad0b7e66e44020d15de5389a2bf0641ed3b3f1b0820

    SHA512

    0b7ba25623209bfa3c46dfbe1065a9ec9eb1e25bbd8d145f5dc032404f9505efe4e19b2997ded5cb1578b1befad7a901e85e30ca61f82671f088bd55847d7d0a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5a2e04dc8b0c7f0e363e20b773b8f183

    SHA1

    836570fca63edc1a51ecbfe4b9b69147e61dcaea

    SHA256

    7cc39ae2b053d3124381b89035e7168a1176340544be7a4dd89629d1b322409d

    SHA512

    b1f663c444b01d6c9386a93b50327414b5b3243b04b2cb2b3ee3ad1798963767a24064c0cfd8040f594427753fc71345e8909b841e08b13779eb63c265275017

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1d80d2f6a706df7f847d169b295cebdc

    SHA1

    6343ed333c1c1a8d31dcfac6207dc42fb81d4033

    SHA256

    42fed082314d505fde69ae71250721dc59b0baa71de31e28683bbf369c9f94d7

    SHA512

    13e2d8f3ca63b07968fb6f970864058b2b6e59a6d336f467c7ec8639d69fd77dd2c398a898813b937ab93f1816434e383ccad282fe8892e9f56e481dc7c661b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    90ddab3d529ce895653c6d5e85a16742

    SHA1

    4e99583da7da888469aec9d148a61ead6aa6b49b

    SHA256

    42d249aaea0e35369c6ee7d2a17d0da02a43b2eee0dc17e5c9f04f0f2e547db4

    SHA512

    779b46556b3d764637201bcc8c7920962b7b9ebf57710dbac68a97a04cfc43ccb3a0f907ad36f7669c7cce0eb7ce0c38657e083ecc9f541433dfd3eeb8aab5f5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA8BD.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA94F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit