Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

45e098c608...8.html

windows7-x64

3

45e098c608...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    143s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    15/10/2024, 04:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    45e098c608220e5dffd13d0c5c2a3fb4_JaffaCakes118.html

  • Size

    139KB

  • MD5

    45e098c608220e5dffd13d0c5c2a3fb4

  • SHA1

    d61123d05f8003ba7fafee335496eba4dd3c7eeb

  • SHA256

    9de02d6b7659af18fdac6510f7a58fec97eac33f51aff98fcfb1e2881385bfe4

  • SHA512

    70d0f882f62787903757c8ea548f594533bdd69f86063ac70aeb393666d4064d8d593552bdf13cae934d05c0baba20dd588b43d16f2998c39a5595ed73cb1095

  • SSDEEP

    1536:SMNjBC5Q/vmwBghw9EQlUZtyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP06:SMhyyfkMY+BES09JXAnyrZalI+YQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\45e098c608220e5dffd13d0c5c2a3fb4_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2440
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2440 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2124

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5a3a00c34b23a31bce2600bd51ee11d1

    SHA1

    dbbaffacbb9202d70698d02dc78e8bf3c7afdd7d

    SHA256

    59835d15f168607986c8a8ad065ed1d0c3ebb89a9e117540eb6addf093c7dc89

    SHA512

    b0fee9ec630a10329ffbacb9adcc85d7ce7c92fc12cc354ff659e88e40133d2c7e6bfb91a1386a7d927412a7c2a09032c9e7adf8b5066ed4919f186285f68eaf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d01dd996d0812ad87d45cad8a3a48cc0

    SHA1

    0fda7e6a20ed3ec5779c04faf14d2bd15b5068a7

    SHA256

    b705ef12be200393af5add886d7fc83d90f0f88b5f3016c1d0144d6eb9c6e45d

    SHA512

    1885c81bef7df1a3436c146105660d7ae06ba2bdf224296a52db9f36291e3d3a372c618b83ace00bc31263f158854426b8ec2e3edc1c38f99edbfc837594b05f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0319895b23f4fa378dcd3728d8c9f12f

    SHA1

    ac1b70b5df3cecbc1c08c493675b5b64f69e07f6

    SHA256

    a581c82d8ed0732eadc2fcd718a9caec3455c590fd8ce033dd522916fe334df9

    SHA512

    9afea6a091ceff76090dc109feb6c3d78309b53dbf46378a3f575bc3f1cbf64c19244d10fb0f68985ce7b266623d43792a44714f6efe53b3e24aea5f2b8c9193

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    541ca00bf85c7e85a8842f9b62422155

    SHA1

    2da1edc0187753fe818bfc4d3ab19d7725e16cce

    SHA256

    59d8527f92db4be49659a538492beca4bc1a5fcbab5aebbacde10dc3e6683244

    SHA512

    1019e4c70f4bcc17b0dd73d2cb2bee7fdd8db7cb94e73df0ad424d58bb7261eb9c9a5543638a75fba5de180e04cde9b93d2d2c6fb5f7413c386541ad6bb2d139

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2df1511462aebefa88f6a81e9602ee5d

    SHA1

    deb4ae7cc0b2f5c484334232a6a5c85d26fd20c3

    SHA256

    348825ca35b17b593c767d5236f0b92ab1f1a48bd70223f2ed94d93188b7c57e

    SHA512

    b9e117db8d382398440e01e170bd94b1f57aaa06c1e83ef4f5b9d1120782033c2777bda6c332ad54c7c917a8bb6932ccd844d5a302b5dc4ffa0bc8eb3a82cec2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    11bc45a7da3ca4d7189d6ef978ba305f

    SHA1

    d8a3ebd659c7f9ea2a2760acd9d952e4ecd8f06c

    SHA256

    40e9133f87d05656575cabc9ca39ea5fba939547d72058f524b62961d5ff933e

    SHA512

    c0f125921b03d5e6274d8e942cb48346f5735ee8d25d4bd0222c2c10bde14b694f668553c09bd72ec499720d7105e274f231a92577a3fca4fdc15d39da26fc57

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    44bfc5aa750bbce2fd1aaa9b7e36705d

    SHA1

    f58096c92a1fefcbb174ee0dd47d5e48e3fa2df5

    SHA256

    11cba2e58f1bcc7b6e6c60dd644f35832513eae344be828be9b4e9057e4de004

    SHA512

    2e03593ad53b8d322a618037ed6e03fa549b34e59a02208f52ba27bd7ebb2d11a1bc7de53c595d4e083831833ddb9ec3c425c5560dd46773cb5e72fe001d6a2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    92fe7f16326e34e4b7b82b54404cf56c

    SHA1

    43e830c5abcffa66cb0f56956ba5e3390f22826d

    SHA256

    9d8a228564228e07269ebbe78fe4ca33688dd22a0f59a88fdf78b8d023ac739a

    SHA512

    5006bd4dad378f4f74dc46e5a3531b7432fc5f7430897cc24f26ecf6a99ca17208254c4447054ab26c99944cab843caabccd00bb331254f194106e33b4e8d556

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e0de772a7d5e86e2230e1a7cb61d36f9

    SHA1

    03426c713c75f94f7c3b022d72fee14a8d1a9441

    SHA256

    611edbccce776f68e152d5cd691fa61b771a2405e073927535bb9cde48bc0108

    SHA512

    6474221a3228e739c156d50da67a9360b713e3efe67a08068b9306f1ea20b27c772ffbc715134ced327c6c0a5c2e640a54ccf9e653e4b3850e472623295c517d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8E99.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8F1B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit