Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

5437cc5408...8.html

windows7-x64

3

5437cc5408...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    17/10/2024, 23:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5437cc54089027522bce8cd4a4f89a1d_JaffaCakes118.html

  • Size

    20KB

  • MD5

    5437cc54089027522bce8cd4a4f89a1d

  • SHA1

    75c2d7c9997b1d6cc144894d07613977c035158f

  • SHA256

    ab9fa61bbc53a658232889e4729b233166782cdbbfa30134722ce78a39459d31

  • SHA512

    55fb8debb63f4698bc8a35c7f59ce24e977e9f22bd694758a173e1d6fff7509838141922b2a33d1264d8dddfc81db3c06fe903cbdbc0a09475d439562bcd9c23

  • SSDEEP

    384:bylIc+t4E4/LWsGTH0LVeYRiR3+50jN6Z8rdNU/gb1AguLZ:LI8ughAxLZ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\5437cc54089027522bce8cd4a4f89a1d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2044
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2044 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2600

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c69aaf54c0e1237c708bd63dffcb3c04

    SHA1

    55433a5915503f269135f36c6e6c90f53c76e499

    SHA256

    3fc4b3450e258bbb1048aa0f773bcff88c028ea630e395036b1a017b92342b80

    SHA512

    083a6de7d7f8e5d80b774e3f0933499354e8fabc72f701a6dbd1787ae1d50fb41a3683462b8eea86e9fad510f3d3c077b6dc9f64c9f30cdf991fa6883462f827

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b3442739cc9abde5b941ff97d2118267

    SHA1

    1e2c9757c90ce22dd93e925852c7d43accf34972

    SHA256

    0492518e78b9dddc9919e99c73eed7aa406a84fbb85e0422746f5bb4438a0a83

    SHA512

    0f6d1a067f1727ec254ebca702ee7b2141fcf51986f0eedb2498077e522589f3fddbc158342abc6ebe4abb69e3ec0b0308c9f03c13634a73290e10ca7ba93a22

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cf0f6f20802a00a12da2987ec87e9f5f

    SHA1

    914ff43cc65bcd186e78e9454ce29b4afb40dee7

    SHA256

    b9fc01556b4f0656c71556155976c1243b2f61669a9bfc64b6719cfa1ce5315d

    SHA512

    602ba9545db8230f135d98e18e173d8efb5bff538647541692fbf3f20afa809b5aa130a9db5405860fa9fe1a337fefa7eacb50323a63c1b633760afbff89487a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9327015472632d047f56d38a66715ece

    SHA1

    d92f47758fe8e20c3782053beecb546da92473c6

    SHA256

    b1de1e9beb84c2d35f343f4e7b551e4fbbed9598b81d451f91f2948c907ad042

    SHA512

    054e6339bec9fceec3b14a0e73d5d26ee132da26f292eed1b4ff81572525a969b87877c81c7364dffa5536377d1875e9924c5576ab9e926c55731f50d07c6f5c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fdbb0e258e030b9065d364910b416328

    SHA1

    027acc320dbd2f4c3ac201b054c4de45eb213639

    SHA256

    35914ab92317f9bcf298e2eaf63252884f6f1cd3b1477d256c15d37950e8c6ae

    SHA512

    4e3ff84f98d6af5c92ab451594721d4058bae099055a422dc7446d571685b5be521acf29acbf223e1182ebea4adb0272b4aaf3e47f221de2dd0a32d10c46f55c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a7a8a7b39d33ecd48c7b6912dbf6ca24

    SHA1

    da23f4fe2ac3adc2ff687dd98ab4f911aed9c3ed

    SHA256

    2a644baceab13bf1cff8cb1cfd8075b752a705435434ceef36d1a7b16308d741

    SHA512

    dcc58f372566d26a3eae26621a646b6f1576e3e09172e57c540b7a18c01f9fa34e1342bd41141cfe47a3ccd666fa6c5fbe41bb78c670d1df68d3f7c1606a4940

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    67302e772361e1624a3218a4cd47e235

    SHA1

    90631f3a1f3b030dbaaa084360a7296fb44f9de2

    SHA256

    b3b359b7a9d0d62520b7c7acb047f62ac24040741f580d996e95ffc8ecd3d9c7

    SHA512

    8055d3fdbd48579918c729ab3cc233e12245b05d8eef57994c56a44cb7618989fa28c6af31b94fdb9f51a6a71099b915c70cab352beede671e672946137d196b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b140a11beaf8b9b98427f7f4f511f168

    SHA1

    b1ad71db31192015f51706a32916d6be9c38dcb9

    SHA256

    8331366247875febd4b239f8636894afd4099cc153ed11c9eb8b4250a58a6e85

    SHA512

    baeed06fa603275d33b0c7e428a044a620ae87b9fac190dcb0ff5bcbbb764c90bfbbae8d8fa722e72398110fca9ef234a49b843fe37880e4e01d516335f9660a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    89525b35a4abf0ad21098c6e8baa4b10

    SHA1

    0ad5aa64ad3cf053ea06ec2bfc3d95bfdc50b170

    SHA256

    8d8c481328152941aaddc11965187780e088c80b8633ebf5b226c26f5f47494a

    SHA512

    ec653b39b99fafbba2f7f7f94c07d00346b8dbeb4097dd7150270f60d869e0e5c03136f07e45c6026df0d8109f6f3ccd0f1884919bd70ad1593b3f8dd960f21a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC3FC.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC4CC.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit