Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

43ff933d93...8.html

windows7-x64

3

43ff933d93...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    139s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    14/10/2024, 20:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    43ff933d93d874a553d66bb0a61ea16b_JaffaCakes118.html

  • Size

    20KB

  • MD5

    43ff933d93d874a553d66bb0a61ea16b

  • SHA1

    9a9a7cbcfe376e9c862d7ce1267b574745463947

  • SHA256

    6337d1e3daa7047a1af6601757252c7788abb7b1ba09d20d2ffd10bbd67413f5

  • SHA512

    372ca09868c8390edc23d52c178ef8ce7eafd8929e0fa731115677c614ef62fc19ac4579021dd21edd5d7dad8c23a77380ddb18d035cd41a2281babb55127fe6

  • SSDEEP

    384:4+QfPFd9QZBC7mOdM958x6puKfpC5IgSnbmFe7AckG7Xjces6D6pT5MxH1rPd:Zcd9QZBC7mOdMYupC5I9nC4DNPd

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\43ff933d93d874a553d66bb0a61ea16b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2328
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2328 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1484

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    20fdc2783cabbb1d129f98d0f8cdebb9

    SHA1

    73ba386b57a731660014b288310772cbcb2b7a5e

    SHA256

    994045951f8c26a0d49078838eb38d829d9d782de2a8cea5e371d0fd9f00ca91

    SHA512

    45cfa6b8febe282a1065f55b55bf00c2e02bf3188ed33eb49acc7c1e73228d71600c40e2ff231c55c7eba064fb180b8847dea4e05b7ed8941d820342685bdec1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    58463bebaafe7be05024530f59a82d78

    SHA1

    1fff99769dde7cec5f58b6ce217fcdc72516dd9e

    SHA256

    8d396709e6d908ce7ac8741659eb3a154226bd50224c677cca3c16d982e121e6

    SHA512

    daf89ee3905fc14bc2fd5e4a934fc2f4a5ae6451aa53243e0644f7db4294cc63186fd5490833742c7f39e050ad2bc9c0f97e7e0b23c5f755f470d4c3e25289e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0067cdc24aee2c36a3de8fbb436a7255

    SHA1

    2cb82eca3a849ba6546ddd46f5ba0915be99cc79

    SHA256

    43dc0bfb41ff719b8a8ac8eae8900b86c958cd73fe7a87bd6c118437eaef27ef

    SHA512

    2a77845d17443c55b462ad9b487adf814935051ce6b49c84ecfc149ccb5e07ed321a70576be680ec4834d455adc049ae91a32bb82e81d4fca69b8b59bc16ec94

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    17169249f57b2ebe9f79dbf1cbacb695

    SHA1

    101aa9ae9248faf085c93067ffd9fb205246614a

    SHA256

    a1eaf9cae935a23761b10b0f3188dc71cecada9c19e083f7b14382f824df67df

    SHA512

    bf1d4d00411fef915b8e3d564ab9bb0b5647d608c6b06d08b5652a9178d1dcdae22980fa8f80329dd63b249c877ae12c9e3ea81f3bd5c65f2696010e9e1f0954

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ebe14c93b7fb085a86269257f6b842a9

    SHA1

    efd3d8baffd1cea834645e0846bc461ded02798b

    SHA256

    c8160273b3aea13c8bcf271ab409fc44cff80d26608810642feb37d127d97ae4

    SHA512

    9c0a8e0847aaea7bcdc972daee21cbab1073974d288b230391d60dd9993d79c82f9162ec0c09366797e4701ac9471202aafcd6d671961682ca65b5682377cfcf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0e4730695b63405eb1e053b69dd00582

    SHA1

    fa00499a8c7267295a17815fe5992b476a25611f

    SHA256

    28705a258c4481d75688e8a8a2c5b8ece47fdb378471740aa56b8aae65f8db5b

    SHA512

    f5a5659a1fec5194b3ca6fea676e70063df94fe925713fcc0ae80a760a56bb425e886ddbcc6791175e6bcbb8a4535bc1ac60e2a1676591ab1e8fff86a942dc3e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c2e9ff5eca689d08896cebe704cbc571

    SHA1

    84c76d17e084c2df26dee04ac1e511256f202e11

    SHA256

    4c16f205d79eee738b02aa7a65f28145999bde2a80a6b6fe7b35c33324ec1796

    SHA512

    ace4d40ec1c11f8275e3fb8558e927cfe220401fb7f41451cf9dab9448421e0e719c0c430edab8020e7974466c3478848f7d5f1284854d3d301cce2cae8b8a81

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8239b19e0d9bf14ea74790118bb698ba

    SHA1

    7665dbb0a995bb26e4f9da72a0c694622cae7876

    SHA256

    dc831a9cc62861f72a62a281f95cbf8a69758e80703f649ae89c48267714b761

    SHA512

    ad6a8ae0256d5a06a5db41bf9fd4b74a75263e9c43320bbe346a5476106469c0f3569bb1b7cbd2ec9134d60c434869a18a912407827adc3a0d9dbd931983a9d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b318edadfe86133d648e656774d12b7c

    SHA1

    bae9f2946360e3e9807c9bb1f80fe92c59dfa7d3

    SHA256

    f8ec2eee0f4c4e2088242592612479de5ed1a7f6ac39a406096ef188de93073e

    SHA512

    3f55a74a302da972155d427e08e9e153485cbc1be84821755cec7be3ba1ec0b293659fbaaae3c11fce27cd751f6632928e44cbdfd8f2d715b0bf1f05bb390022

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6f24e63575a70a12918fb938be74bbba

    SHA1

    2fee7d94b155e0ece76815006fe7e441b56aaa9e

    SHA256

    dcb705742d4e6a65e1aeac022ea1d6b5b916dc2bedc564699fe40ce9a1555837

    SHA512

    ec43f4109615bef13c5a4dfce8f9238b3c08d78ad4d3e9269f8a4740d5ad86a0043fd86987a24dca444fdd5da247d4011385c7d86cfc6c7eeae2349ee3acd262

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFDD2.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFE42.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit