Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

URLScan

urlscan

1

http://jakwens.com

windows7-x64

1

http://jakwens.com

windows10-2004-x64

1

Analysis

  • max time kernel
    0s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    11/01/2024, 10:31 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://jakwens.com

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 18 IoCs
    adwarespyware
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://jakwens.com
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2352
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2352 CREDAT:275457 /prefetch:2
      2⤵
        PID:2240

    Network

    • flag-us
      DNS
      jakwens.com
      iexplore.exe
      Remote address:
      8.8.8.8:53
      Request
      jakwens.com
      IN A
      Response
      jakwens.com
      IN A
      35.233.80.224
    • flag-be
      GET
      http://jakwens.com/
      Remote address:
      35.233.80.224:80
      Request
      GET / HTTP/1.1
      Accept: text/html, application/xhtml+xml, */*
      Accept-Language: en-US
      User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
      Accept-Encoding: gzip, deflate
      Host: jakwens.com
      Connection: Keep-Alive
      Response
      HTTP/1.0 200 Internal Server Error
      cache-control: cache
      content-type: text/html
    • flag-be
      GET
      http://jakwens.com/favicon.ico
      Remote address:
      35.233.80.224:80
      Request
      GET /favicon.ico HTTP/1.1
      Accept: */*
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
      Host: jakwens.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      date: Thu, 11 Jan 2024 10:31:19 GMT
      content-type: text/html
      content-length: 1245
    • flag-us
      DNS
      www.microsoft.com
      Remote address:
      8.8.8.8:53
      Request
      www.microsoft.com
      IN A
      Response
      www.microsoft.com
      IN CNAME
      www.microsoft.com-c-3.edgekey.net
      www.microsoft.com-c-3.edgekey.net
      IN CNAME
      www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
      www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
      IN CNAME
      e13678.dscb.akamaiedge.net
      e13678.dscb.akamaiedge.net
      IN A
      92.123.241.137
    • flag-us
      DNS
      www.microsoft.com
      Remote address:
      8.8.8.8:53
      Request
      www.microsoft.com
      IN A
      Response
      www.microsoft.com
      IN CNAME
      www.microsoft.com-c-3.edgekey.net
      www.microsoft.com-c-3.edgekey.net
      IN CNAME
      www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
      www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
      IN CNAME
      e13678.dscb.akamaiedge.net
      e13678.dscb.akamaiedge.net
      IN A
      92.123.241.137
    • flag-us
      GET
      http://www.bing.com/favicon.ico
      Remote address:
      92.123.128.195:80
      Request
      GET /favicon.ico HTTP/1.1
      Accept: */*
      UA-CPU: AMD64
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko
      Host: www.bing.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 200 OK
      Cache-Control: public, max-age=15552000
      Content-Length: 4286
      Content-Type: image/x-icon
      Last-Modified: Mon, 01 Jan 1601 00:00:00 GMT
      Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      X-MSEdge-Ref: Ref A: 0FD04CFC1A1E485B9EBD8B31934F6D09 Ref B: LTSEDGE0810 Ref C: 2022-12-09T13:31:02Z
      Date: Thu, 11 Jan 2024 10:31:28 GMT
      Connection: keep-alive
      X-CDN-TraceID: 0.c3777b5c.1704969088.d7ec1cc
    • flag-us
      DNS
      Remote address:
      92.123.128.195:80
      Response
      HTTP/1.0 408 Request Time-out
      Server: AkamaiGHost
      Mime-Version: 1.0
      Date: Thu, 11 Jan 2024 10:32:04 GMT
      Content-Type: text/html
      Content-Length: 218
      Expires: Thu, 11 Jan 2024 10:32:04 GMT
    • 35.233.80.224:80
      http://jakwens.com/
      http
      762 B
       270 B
       6
      4

      HTTP Request

      GET http://jakwens.com/

      HTTP Response

      200
    • 35.233.80.224:80
      http://jakwens.com/favicon.ico
      http
      429 B
       1.5kB
       5
      3

      HTTP Request

      GET http://jakwens.com/favicon.ico

      HTTP Response

      404
    • 92.123.128.195:80
      http://www.bing.com/favicon.ico
      http
      542 B
       5.1kB
       7
      7

      HTTP Request

      GET http://www.bing.com/favicon.ico

      HTTP Response

      200
    • 92.123.128.195:80
      www.bing.com
      http
      288 B
       598 B
       6
      4

      HTTP Response

      408
    • 204.79.197.200:443
      ieonline.microsoft.com
      tls
      799 B
       7.8kB
       10
      12
    • 204.79.197.200:443
      ieonline.microsoft.com
      tls
      799 B
       7.8kB
       10
      12
    • 204.79.197.200:443
      ieonline.microsoft.com
      tls
      775 B
       7.8kB
       9
      12
    • 8.8.8.8:53
      jakwens.com
      dns
      iexplore.exe
      57 B
       73 B
       1
      1

      DNS Request

      jakwens.com

      DNS Response

      35.233.80.224

    • 8.8.8.8:53
      www.microsoft.com
      dns
      63 B
       230 B
       1
      1

      DNS Request

      www.microsoft.com

      DNS Response

      92.123.241.137

    • 8.8.8.8:53
      www.microsoft.com
      dns
      63 B
       230 B
       1
      1

      DNS Request

      www.microsoft.com

      DNS Response

      92.123.241.137

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
      Filesize

      914B

      MD5

      e4a68ac854ac5242460afd72481b2a44

      SHA1

      df3c24f9bfd666761b268073fe06d1cc8d4f82a4

      SHA256

      cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

      SHA512

      5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
      Filesize

      47KB

      MD5

      2468388a05552669e0eb572b0edcd63a

      SHA1

      98003b90dd8092fafd89bf9398b2a4c92638beb4

      SHA256

      6e7581ec37552d5096952d6303472ea9bfe2c80c9a39a13925edf58c7cdaaf42

      SHA512

      099557e4c1787c81e601e408722c2296d2e39791e3ddf216aee082edbeacda48043e96e3e5f0807dbb459643e3e8565316f1dd7f6ddbc7f26135a3c4ab48b952

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
      Filesize

      252B

      MD5

      6ff93a9062b00b7698c97054102f2d99

      SHA1

      6b14442dd15a2a5db06e4aecbd4271c48551cd5d

      SHA256

      8368b80ad7cb755678f57d52e6ac7a9ec4d9fa9bae0e19e3edfa48ceb0adfaee

      SHA512

      25ccb0c6351eb669cdaf5c88855aac8ba695d4e943e19f001ed84ce64e33ce41fbd0d69e25f8fad29cb625ace758686b5ebc214e78a39b3c2bcf5a6eed4e23c2

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      9ecf6faaf1c5d7424df1de66acd1960e

      SHA1

      11f4edba93e89f6fa21a3067262af373fcfd4ea0

      SHA256

      65417bc409544fc882e2928d1d9cd16a01ee05b827d120200144318c1a563d23

      SHA512

      7caaca2d00bc28d14edef536d65c3f402d04c6a634d22c23cc35a81b0881715c9b6f562282364b233119d0c14404e100850820e4a90d06892b022259bd3b23c6

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      b40e476f8c0379ce25a6c2d33d848ca3

      SHA1

      cc84ddf35c74dd1f9dbd00cfce67e1731ba48c72

      SHA256

      01c891394bda5d3f826d533203451cddfb165a04a9fb70df2a8240cf52e6ef85

      SHA512

      1a9233ea78a906454f5e80c03dcd0fbf2b99032658acc221ce9e7469c50858b032ca6218c8abe17b479964aa0789bc81c4d2aff74618566f79a5c01db2da0dd8

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      cf520dae5a51ad2dd3e089586c3b70e9

      SHA1

      5421c81cad4ba76c3112242133219d74836a1f19

      SHA256

      fa4cb03cac9d801adbf7d2ed1d24a36ca983e79f60eba193e7f6c10db47393e8

      SHA512

      be931832a0a6fa8e3edbd22b26418730856bfd6d4775b1a17b03e3229f6b0aa2378c1ac8e364ddd33725df0e9312eb46ab6878f12b4e2072e6b2e3bcf2689bfc

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      2a7a8120b8d529a7e890daf32d3d07bb

      SHA1

      8058765f867aff3bd3aed95fed7a1366a7774dab

      SHA256

      165ba25108b193ce83a5c47a05d397824ded635c7178207a51b61fc93d79bd98

      SHA512

      f4436698657c8c1081d08ac41dbdbba0d16e04046b78b8ef48134ea3eb423eb672a59429647a74e143af4ecf8083f5bf3554d4e4eb51db0604b46b3c0eaef1cc

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
      Filesize

      4KB

      MD5

      da597791be3b6e732f0bc8b20e38ee62

      SHA1

      1125c45d285c360542027d7554a5c442288974de

      SHA256

      5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

      SHA512

      d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Tar398D.tmp
      Filesize

      4KB

      MD5

      28bd1fabc38b2587ef4041b11fd3ac6a

      SHA1

      803700f6b2b89a5c06356569908ca1af23067638

      SHA256

      702574ea4240fda88dcb09864ac9f82e6f44ef06ada0c2274af239ceccb2688d

      SHA512

      c2a83813727ab6dac249f0ce0ed86daef3644e4ab0daabbe0d90186c37d8420b59e3888ed2a9841a8f8c1a7c2238d53bb89f3f40c8d607d817590807f3ac71f3

      Download Submit

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.