Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

53d7f1c493...8.html

windows7-x64

3

53d7f1c493...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    131s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    17/10/2024, 21:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    53d7f1c4932244d1f3c1dd2d6323121f_JaffaCakes118.html

  • Size

    141KB

  • MD5

    53d7f1c4932244d1f3c1dd2d6323121f

  • SHA1

    7f07171f45a75bf97074ea34a4941599ceacb7aa

  • SHA256

    1d40c93eefa4d4bd18122e21f07a6064a1fa42128c0031f6552fd0e76eab2ec4

  • SHA512

    073c69d3375852f8b2955b0310945c5b2b1a0f63ae01f32f1f6ddd9db16f3a97eed84a2937bce493de762569f7fe56e2586c4bb0590ab622ab9cbc39f2f05c47

  • SSDEEP

    1536:SbygUro03ANx76vuyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3om:StVMwx7dyfkMY+BES09JXAnyrZalI+YQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\53d7f1c4932244d1f3c1dd2d6323121f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2220
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2220 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2592

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b4ee70266842b0f5bdb882cc3d9c1382

    SHA1

    a61058cbccb9e3eed122a945898f979226c8f584

    SHA256

    d10188e9316b136acae610bcb1bdbd4f9cbb51909add737096b1584eb65736c7

    SHA512

    89be1f0a9c12b63bc8511feb12cd521500e7bb9436b14c0957816a7a3fd10b9601bf8e1b5d5cb3475d7d029295ee61b390397fb9409d7123311d4f9c26656f79

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6109d04518c61bd37b416eef32a8d0c8

    SHA1

    0805e9689ed61fd3dbeb39372b0d8a4e588b5285

    SHA256

    c72d90bd22cc03550466cd33b5c14afefd53850f4b1468a310c24fd033bc4d30

    SHA512

    7b0f4c1433bda63ef96f26fa97f4c3732641cd1219da74f8ef18879587c17930b14cdaea80dbe14ab48191192ac0cfd5fd96fe39d0a520dced5786f40624f61e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c27f46a3132a88b6483752e9e2d4e01e

    SHA1

    314d81d414176af72762723b9328e568a6f1dfca

    SHA256

    54de2c2f1a631469ed0c890ba7a3983717ccde6975ea4a7cc30c4622456a6d38

    SHA512

    c2186364ccdd8a520de6cee3aec64acae6a1a647d5358c4e83f0dd544ec13b7a875aa477a02b776c7713c372780d02a93e6654d6c369b6dd8cac856b0ac45fde

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    20498ca7c5707a4be7345e28b0fa5d2f

    SHA1

    33c8bcc358245fa01ba601738a5822bbc0d90acd

    SHA256

    f52bfb97d22d583f9fb13c640467180b9bc61137c53f24847d34f8dc1c8c2be0

    SHA512

    159d60b54ddbdb0d4e7b56435a97a4602cf98924e1f4a08a7d725aa16b84c2b7a08b85762afdc48238f290115cd6909adea273df2ab78a55330ac6240bb57eca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e9ab36072624fc6081284b08c429029d

    SHA1

    f154f5643100950ce89599b43d574e87193486c4

    SHA256

    6999210cfe32c890d593c00b5038a24b0f6bd8287c9597695066452831e9484b

    SHA512

    30cc0a8b1b6d5b7e637faecbddd3d15c360834df38b60fd1cb97d20da741b7eff2ac396a5ee928384613f6a0336ba2b59ab42ef8dacd73fc106d75f3dac22d87

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    79f7a3dd93345365d0723db8f22f8b55

    SHA1

    904810a9c15b580745b471b80dc3eda8f36ec675

    SHA256

    ae32bc00164963845e0a4214f800009ef1f146097199ac824fc9efc3747720c0

    SHA512

    98056985127d594ed632cfee8d22f820d7c5c1767179e36acddadf92c42b1b86fba9c31da2e8172632b6f32c5f034802eec26e63cdaf138362d23e016260fa4b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cac6ec9c77b2de25e36f944a79dfc1c2

    SHA1

    12a671d21c748250cd0c86460b8550cd1315e8e7

    SHA256

    7f48aaf011212a9017f0e48c35fc9f989342041856b04a9a12f66cadbbdc4f2b

    SHA512

    4cadf6cbe157d9aeb1fd4c2a7e3eda0927eee7b4e9ee3ae10b3b8d5127c78cf176427422a7685df345ec331194226f1ce2a18fd7bed968927aae47dd720da165

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d072e0b0a0f08e618b8ca589bcff9765

    SHA1

    c165aa8798dd9429a72644ed95c7b0b75638b217

    SHA256

    5f6e4898329219e5f5d9f9049867a815cef0e453e93869ef149f1057e87d6cfc

    SHA512

    b2da61cc2312a173539b96e513698fe70e21edfeb7e84fd8f008596d61cd6dfabf1f4ce7f180460b001858a0bf10a5f9bd10dc43d3cfdfde1e93467a85dd36fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    533e4e0f0456516dff7fa182aca578a9

    SHA1

    6b35b529a06a27b898e484d3165cde78c1257bd4

    SHA256

    39037aa39e7da34fb3faedca7253e9c4ff3e87694c2ae9ca8060e35b93cc7343

    SHA512

    b6cf008e1fd253f79b9b10f793906ce0653071fd590a4db9d1ec9d6a7c2aa2bae924bd2705e9a402c368eafe3619748c0010035f8541386b456fc3269d1ea360

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA19E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA24F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit