Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

44c7e12998...8.html

windows7-x64

3

44c7e12998...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    145s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    14/10/2024, 23:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    44c7e129985139d590255e3da39b7a2e_JaffaCakes118.html

  • Size

    142KB

  • MD5

    44c7e129985139d590255e3da39b7a2e

  • SHA1

    51f578be350cce6aa35c9cb337ac2eba4fd95aef

  • SHA256

    8191f43209b9a15fa69659a047cec065f9c3464fc8e6f4633fd8fe1bf88d5580

  • SHA512

    43a29bc2a5278c117ddadbb530839359612be4789a63ce45dce863be27895b81d32e1fc72adc613c36f0d6908b9f46086294adccd4add048ff5ba5f86b90060c

  • SSDEEP

    3072:SLFXoFx7dyfkMY+BES09JXAnyrZalI+YQ:SLFXoFx7osMYod+X3oI+YQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\44c7e129985139d590255e3da39b7a2e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2328
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2328 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2340

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b7355f5a48f69222253bde3d8dbbb87

    SHA1

    9d81c2d3a21852cd9007c6d996f0c84b155c8da6

    SHA256

    c445822c82f27e83494749e3251133f9bf4b17457348e836b41cc56f4934a524

    SHA512

    831c86622dd154ff1af7bcd5c93b09dbca75ff8452c11f91dbbac081582240d8f7b227b7d4abd3fe501f9af807b193e206862b994a79e40fdd8fa3a98af67af7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5a6b62bdeeaef44763962f0149722895

    SHA1

    0cffa1c2fb2a760bc17cc5a627aa0220ce1eaff2

    SHA256

    03239d5247454784f78041badda637503f8b19f9de8e562284c97bf2b69ce8c6

    SHA512

    3133a03034c2ca7e76c342448b515341df7d4a78d8eb1fcd57616157ba09cc43d8edbed30ae8027d39f1fd5bc34879a61827cd0054e45806214495b263a8e0ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    59759135b90138a8c674d79da4d8d9a9

    SHA1

    24b859570d44fd1ebf853266c66dd3674c9297bc

    SHA256

    eec4201fb3ffc8609f66b4ef9808b41169e4a631ac09a075b7fdba0c166e43c8

    SHA512

    95e5544117953154e008662dfefddea18cf3d0e97966204471c75a59546fd348cf0c27bd70ac81939794d03894665dd6770590aaf4776954cc12b794f3164a1f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9459b6ee946f83bc59010bb06233d904

    SHA1

    0c4b2c2026f6823a2c5baa544bbbdf7cb6ece204

    SHA256

    c0af55d8116000843f84c364770b35182ec39221cc169a4c8c4b871e2a426604

    SHA512

    725fdac72d29069bb525a668fb5bd3d525ca66144abde53d5267369414f5201030c252866f74d8930de13d6abfecbf563b1aff1fb2439f2627dd9ea7c838079f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6fdef48db5e96d5e89b6466d2f644c92

    SHA1

    94080263f9120251468313ad46e7a7cce2b3f548

    SHA256

    9334649142385b73804eb4569bae61dff9b0502d1761c6969c6c6681dc3a2c31

    SHA512

    9609063f8c5d7080365c40e71713e663bdb672fdf43e63673df3ff691140dbfa483a0540975b2e1b10d146d6396c5fb5b9c9db25ea7e234e6c015494995e2c64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    505fbd807b381d45e2e53a57d4ecc8be

    SHA1

    e1f1e9f3a7d2fc44f1c651217df0f01e66011ee6

    SHA256

    1cbaf7ae9a96cdb18a1227a0409724c75942c588693cccbe0ed18f8182d789eb

    SHA512

    43956a0186c55e20bb6178962e57a81211fd7eac116319ea81157b6398d01bfc5e9d468064dccf00121006a569fd0a41690e894f90fe1a567035ef3de80966f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    98a5d23c9c645cdcc336291671959b71

    SHA1

    d92f5fccf2b6a61549f2686979e56f03bd63332a

    SHA256

    10c6a4a56d671a3eed51ee6f4639b26b3d0fe0c2ad82e33d9c65d44532b13cbc

    SHA512

    3fc6207b4e704c67b93fcd6e1449869cf2a1201a50208de4980da5c04a7973a925bad26d0c05be142080258781d24b2a1433dcb36b84c6fad8851193a2dac264

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9d91642a1b8469d99d0cd07c260b100f

    SHA1

    2d84fa842246f6ba1a72bf5f60740f26fa92cfed

    SHA256

    6a53ccf3962e063b9414226e8cf838a3e112277f2f10c3d740d291f93be2722b

    SHA512

    e680e79cde1b45f9ae6f95352d293d2f831ba5fe154e55e4663d0d6c6bfd0f182739bd673a268bcb414d67d015350877470aa7079c44effdb1ac0153c9940b69

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    83fb4070d2b861c5073db3f79f9dd941

    SHA1

    9595e685c710c741d64c547774822ef17a324b65

    SHA256

    30b66e82182a37f712b37fa5f73dc02261f898bb0faef42508795422a4886262

    SHA512

    4e55f6e75acfcb8ab95a6eadf13329ef6d4ea89de24c6ff66bbaa75823a8e0c49ab4052df8fface2c19ab9340e688791fccee0303570a6acda481363b0989745

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF6DF.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF79D.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit