Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

439555b9ae...8.html

windows7-x64

3

439555b9ae...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    139s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    14/10/2024, 18:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    439555b9ae1d51eca2a87875a40abfa3_JaffaCakes118.html

  • Size

    37KB

  • MD5

    439555b9ae1d51eca2a87875a40abfa3

  • SHA1

    f835486fd43193876f4102e7baec74cea8ac7698

  • SHA256

    af6143e7d0cc2e1275364deeecd1587a817bba158264f5d95d8c5f80e3d0761c

  • SHA512

    edab947dcbe9a8da9c401db253b002de3f7aa451171d50059b20977d1e3749e42fa4698d945b584c15642b7c917876e9539c53fb39e81d4ae7d89dbd0cbecb53

  • SSDEEP

    384:ydG5P/TYsavbEhbaBMzIpn1sfxz+UES4ODXl44HqjI7Lfbsi7FcAn9Lies1k0:yq8abaCLz/ES4KXlTbsi7FcAnRies1J

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\439555b9ae1d51eca2a87875a40abfa3_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2096
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2096 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2264

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    dc25a03aedcb3fec44a7e7243bef5e10

    SHA1

    5e08703a0eb20d7cb6cf78b2d0a82ce2740a5e80

    SHA256

    4b595cc7e4b17a4eb08f4691263473b606f22ad4183cda2c4b1951f67ff87a33

    SHA512

    7ec0f5abb50e7184060c0224502ce4e78992b6785516eb320461d4cd93849a07b03a220f71984d76377755523015d159213b6b10822cffd7efbcb4a683f1cec6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fb096a7f14f30322d46fae3bccdb1b12

    SHA1

    b6fed3894ea8f94b52ace25669cf5b35f30741cd

    SHA256

    82a3bcfc816f0e616dedbd3b40e1c97274089a0f502b48005e18d1c56de7166c

    SHA512

    7131036993295ce2ddde929fdbb170a2ce67638b3dc3d7f9907a730de71f881c9fbb5928520958a9e71b2ec6b8987badc161a7f36f3a31e5d8142c462966fda0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    03c9fa640c4c633c05822c7094305480

    SHA1

    d776f826ebe5655104407352776038b662dc5942

    SHA256

    89cf3227acb085328f1ff1fdc40ac84b22c6f7686733724ff0dbcab54c7cd3ed

    SHA512

    f981f1b4a21c1db238b33951a488bbb5a4f0d0f7c7fae0a38f50682f524cd767f95b4ec10a4657334e3bee93fc94dc11aef7f205f938421742fb9f9feac25c8b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4421ee6a2d62b0e7aa2386f02a18ac67

    SHA1

    323cb6ddab4e159f48fa1ee1c7cef7a660ca3027

    SHA256

    ba2700f4bc44af920445682a243b89e50e707cb831cb3d9bb092fcde662f69f2

    SHA512

    e7833dc0ba618c134fcaaa4f7bad73bfe9d7ca5a7fc6eee009a0fd91db7fb468024440960adc994fa2993b9fafb32c9b07680089d36e8fbdb96f16dfcd4b2245

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3799098d3e9146fbd7bac1361600ade8

    SHA1

    c3cb2220cf070a62208df60e4be9721200f91c36

    SHA256

    64e2ed6acdd4b674f7fccc0c059eb6df0d988fb31dd72bd83478ae1ec6d7fa19

    SHA512

    deca5b74c598c9d9fb4373bca6c66b4fe4c71f1ba3457119208d1ab9f29537550f680465e22ec61eef3722fe6bc64cca60c86e1881cbe663d7d5e706a797fb53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f0713615de23edc022778bd71e91c11

    SHA1

    1ce71463e44955a68b12d06f9d232edffd58dec8

    SHA256

    a99065db6a2e01bc1e63198d625c7606159b42ee47648245a3e4159e2f7b00b1

    SHA512

    21b25ceb567263d97d9cf34260489b9280dc726193ba7d0ea6002c9144d9e2db1ef62c4bb707d6093f3463bf2b16bee837c1d537d3c4cf09a6334e21adb345d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fac14e82385822ff632181f8e31a32d0

    SHA1

    67dec69bab9c1f3ece35b31ad112c548f5f7bc1b

    SHA256

    0a026c7cbc93115391923357991f241bbc2cca3027eae0a241b43f8b1cd1c680

    SHA512

    77d8e2be7bd788e07a20998cb97b82988759f4544054cf68a4bf2e0ada903fd3fe37319a53ea870b5bff0136e890af13ba0c400ac09d62d49b84b39393d2578d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c656a008514e467dc91f8c75b600a65f

    SHA1

    a4c477c1cbeb777b9a42b81ad5cfb0714623eaf4

    SHA256

    4e6a59f139d7258749d2f63012d301aa801826304c3fe268cb4aa57f82d9eb60

    SHA512

    398312ef7838a1a03531e28b30421451855e5fc841cf43ec4673cbaa1c09684d303fcf7d1440873081bfd6425b65f0dac95716e79eb07ec64750e4e5113efc6f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9fd178d73054fe27e101238bf1b84002

    SHA1

    5284888b63449c69ad6635f8b35fcf008b406623

    SHA256

    fe87b21cd3c6adf5b6db06f7078c77b9c64979384d70751dd187256a71bbed4b

    SHA512

    df3e8007376077a77f6d5a3f1b29a3e5441f9b1e94c5ebf146635780e03fbe1ec3bfae6d25d626febff085ab023ad5550821b00f1857a3db10a76fbf802f00ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b55afb4199e69a597586af65d9c7295f

    SHA1

    0ac4b2b2ca1e5d85144349bf36480ce87752a792

    SHA256

    dbaf217e5eea49765d24e2b398796a2c97c6bb99ecc1ddabd8a9b926eddc0903

    SHA512

    3802f3aef7bfb167bc7ebc934f68a1f612a44df5d3557ea0350190af1d976b3df92a48ad76e91bdcd2290c157ac68ea3b2bda9607722e88f6600df5d0ca5d3ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c54c8feb40a339d955ea57a2d417be7e

    SHA1

    ba23f81fd6c5fa6ab3a88a92766ee63a79352bf8

    SHA256

    54aa622fca0f268ad51c0dfbd6ac8514a7eee63896827e8f92d0a827bd54044a

    SHA512

    288bb450a7a530d28c923c1bd16ef677980c457af48d4c8aeb4fdf9715ca636568608507bcab516b52f3b4f0079532fd8e7ce4e998ff3f246f61f4004e74bd76

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    b78b1001958a1742a9e55756e0dc3f38

    SHA1

    46803cb235d501bd65b829678d2e390d38273ccb

    SHA256

    ccfe10cb48eb6dfb2cd6998fea8230753d22562cc54cafc97eeba7ba67a09041

    SHA512

    f9a307a471ae3fb7919d80f84c6725594693edb4c34d407cd9467d1b03f8616923a25ef5648e00fc214bbce54a72bd2233178b9286de7577433da3c5cdfd428f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    d4781769b3aa520300710c7fc28f30e0

    SHA1

    83c3e096bb68f59eaaccbad3cd5f4fa74cf1f82b

    SHA256

    f013dcdb3131594371ac440b98f13c030d0c62da8d49a2ac1056ac577d91364f

    SHA512

    063736dc8645d0be851199c5a95776f3e2223d5e516d9a3f06e94aafb5dcd63b90e4f4580bc447c88a8ce03bebc66177b4cf3008e0d6900c28f8ec49ee96b163

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EB0KZ1Y4\background[1].css
    Filesize

    49B

    MD5

    e55c5dbc726d04d84999173670eaf26b

    SHA1

    f594a4b4cd844af7b4ab7dda9802095849273204

    SHA256

    7ef598947e7596fffa82ff1370c3666d8616ef72cd3908c905a5f1b100c4526b

    SHA512

    4b12de4bc7c82ea956c87cf91fd72ef7eb3758d9a5ca21ebf8f3d2159e6a71fd906d631fa108456138c8e3fe46e7a4549d19a7e3823dd143a5627bfc146946eb

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZOGPI1N2\tc_loader[1].js
    Filesize

    22KB

    MD5

    1e987e016f583bffc49ce1f6d3d8ba56

    SHA1

    34566b776d1107c7c01fbb61974502b913f1794a

    SHA256

    3101467b734edc22476256ccdc26be8777415e3e0fc646f9007f6196cbad4a77

    SHA512

    d6a5f34d49e4a321be75b9803949a4ba41f903db2403767f483943052dd3172232d454e99e6f5b2dbb8e3664268afae6cc338995348ea082d790b7738136f0df

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD117.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD158.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit