Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

45496a49ae...8.html

windows7-x64

3

45496a49ae...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    15/10/2024, 02:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    45496a49aebca3eb655a6d645619b63f_JaffaCakes118.html

  • Size

    56KB

  • MD5

    45496a49aebca3eb655a6d645619b63f

  • SHA1

    d2c3487bb667288b5415fc571b4a1a31f3b06207

  • SHA256

    a693442f5db21feceeb9f15f328122c37531e4be6c4fec1ec8be1bc72cebb66a

  • SHA512

    0383404c47bbfc2b77b70f57948945957f94e011cdc7d648303ec7966a53490b025675b2cf4c8e0083a7b87b9f9ee0ecb04221a936289f3ac58757d62ec4efa3

  • SSDEEP

    384:l3lIcGtl43NGTHhF8bgPtW9+gTG+ex3PcjYttuozkxJo7UcHnzJzUNFvobRZtRrP:3A5yoIcHFgNBobRfOCE6ghAxLZ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\45496a49aebca3eb655a6d645619b63f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1712
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1712 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2364

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d61c309606258ceef7c4c2ffef0a5df9

    SHA1

    5a0c6cebc83846130923d333cd1e12b76ef3a37a

    SHA256

    842cc551bdd103490c6f8468d261dc80469eb55476f84c744868fd756c2ca29c

    SHA512

    8b49e6cf5d48fcb37379ebb497626f5a3629a4f5de79fb499da8d4790ed5487b405931dcc0e6e02ea9c376b4727198147fca3cc12c32dc2e560ce37a7a45ba9d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f86f44e01a544795b0c98b3ca11985f2

    SHA1

    508a7f22480d96f6beb782cf3d1464761737d069

    SHA256

    9346428bb865efdc95def56e19e92f6bc6fd6a556e92843e5c48359613435d17

    SHA512

    04cb3284051e91ea5c18de9f2e872e7ed5dc93909c94c53557bb956afe34692223e07d6c2a93e37690f687baac8d3f92dae9f7b23e753c34044c7699680c37a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b79140daa2bc63d7815e63cc8c33ac0

    SHA1

    31b5b26bdd4c3f3310c4ab4b6e43b34a23e960fe

    SHA256

    84d875bb1e649dcefe8f9235ec5a0a889d74811cbd8dca1fc8e74a4a67552a01

    SHA512

    4511e44abf0807d53e881caf74eafe90db336d0107d63b64200ad886459be3be550adada1c33afc5b6cc5d27b7a2a03c2c42db4a84b29d87b40ea87e0781adc2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    46c8d5f471b5a6d0c2e15b58d9c15187

    SHA1

    1c57487ff8cfefac26e2a02565594d6be2e09efa

    SHA256

    d8facafaf054d8d622abe49147d1011e70f0d17870b77db38bb71773d98e82ab

    SHA512

    7c6de3e2a29b2247a9dd1fb7c70a7ee7083db4e5f6f2edff3f6ab06c9469338e405dbe30a0817be57c4b959a78ddd4dac7aeb9bee3bb91c36b64537e48d2497f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c71ec928738781368a2537d815b59ab2

    SHA1

    28f7f1361d59b7458e9d4ff226780a1bc8953634

    SHA256

    ac7d75f9629c1d46eaa1fded0db8d488cbed95743f2d56bbc69a3624d62aaa9d

    SHA512

    e93c2ec463ede0c8ba0d52e913d7acb0e6d4a8abe6efe340140d08328172ece8b2f0bcb8a5fbc2707916c6c8d69d582508326b2edaaf14b415924deb11b39a28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ebcc17c58976b6bd9f032ca271edc02c

    SHA1

    3fd8e1d50b874c965c31dffb2d4b12d8f16de011

    SHA256

    ac6f8831c723cc37ffdbd9b1d85a86893e04e7086aa9cfc585c9d943e184a491

    SHA512

    c4d4193c44bc59bb6b8e755c6b3cdf88a134db3dfc0d0e4742c93c7817bc5e6c51693dcb9c963ac5f5e32e80836e02578984cf4bf9e3272d35b2e36befdf09e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e430a1d01e54dc5ae9907b1b2225e48d

    SHA1

    3846da50cbb377c907a33a8057a7cd8e6339b873

    SHA256

    ed4eca4a632dcce75cd9052dc1143ddd24669c6e8ae25ac639130e82d210df28

    SHA512

    4bdb15d9e5144247b0dbcb626f7ec352caf5d3f097e7f3a3a8f2680b96e702f063c2943be6ba64e6975df8fc7a69f91be6e2a5bc2f7148890b19e79161e1e47f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1b27ec6a7d1b8f82511bc081a9f675df

    SHA1

    7b6f944d4b436109bc6ef98506c18eb2c891874b

    SHA256

    8bc82df0c993715b580b6aeee0505ccbea507b49aa6177fbf37024b280776cc8

    SHA512

    18375f5f8fe73665e938653a3a43b52628dc90a0d94c81f6db4238a7ec38079675d63bf76ae30a386c9a8104c42fa38781499a653c1677161c47a5e031e32d0a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    64d12ead51bc937eb99dc52c6d78a7c0

    SHA1

    c81321ce3236084bac13b01f7639edfd3ef2fc39

    SHA256

    7fead870e79cbf12cec311544d1d1b7548ebd7ce339d858e3d84c5cf5f1a9596

    SHA512

    e16264ed4f48703763a7bf7e59523cee9046ecea469a24390bb3f8e6f774bf04b212668133b442ce65d7b3e6a7bf6eb73fe7fd9eee9f7f9458cc76cfe10e8f98

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE264.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE333.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit