Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

1469e0b199...8.html

windows7-x64

1

1469e0b199...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    139s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    04/05/2024, 20:44 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1469e0b1995d89e696c9f807be95e4b4_JaffaCakes118.html

  • Size

    22KB

  • MD5

    1469e0b1995d89e696c9f807be95e4b4

  • SHA1

    da6ecfd3ece88cd3b48bf25938d584bf78d35958

  • SHA256

    34d42928948a5f57b15e9e8a944c2f46383cd8b723f0bdfb2d8b12924a70a334

  • SHA512

    a76ffb09e5444e2d6a509972138d6e6923486fdbee0c4f1877ad8a3e55b8960f3f611ceb3c098f1fdce58a4278da9f27576f37c12ac02c76d72f9e574fbacace

  • SSDEEP

    384:/SOBB9jimMRUzmWg69wdNxWx3xLxl71QiiVDiRic+iotJixAEigDXiR4CiMPsikl:f/fhRlPNEqpSNUGuP

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\1469e0b1995d89e696c9f807be95e4b4_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2240
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2240 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1404

Network

  • flag-us
    DNS
    dragosimport.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    dragosimport.com
    IN A
    Response
    dragosimport.com
    IN A
    77.247.179.84
  • flag-us
    DNS
    www.tonerdump.nl
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.tonerdump.nl
    IN A
    Response
  • flag-nl
    GET
    http://dragosimport.com/js/
    IEXPLORE.EXE
    Remote address:
    77.247.179.84:80
    Request
    GET /js/ HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: dragosimport.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 429 Too Many Requests
    cache-control: max-age=0, private, must-revalidate
    connection: close
    content-length: 17
    date: Sat, 04 May 2024 20:44:32 GMT
    server: nginx
    set-cookie: sid=1cc7a1c7-0a57-11ef-a0ea-2165b46811d7; path=/; domain=.dragosimport.com; expires=Thu, 22 May 2092 23:58:40 GMT; max-age=2147483647; HttpOnly
  • 77.247.179.84:80
    http://dragosimport.com/js/
    http
    IEXPLORE.EXE
    480 B
     555 B
     5
    5

    HTTP Request

    GET http://dragosimport.com/js/

    HTTP Response

    429
  • 77.247.179.84:80
    dragosimport.com
    IEXPLORE.EXE
    604 B
     204 B
     13
    5
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    753 B
     7.7kB
     9
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    753 B
     7.7kB
     9
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    1.1kB
     7.6kB
     12
    12
  • 8.8.8.8:53
    dragosimport.com
    dns
    IEXPLORE.EXE
    62 B
     78 B
     1
    1

    DNS Request

    dragosimport.com

    DNS Response

    77.247.179.84

  • 8.8.8.8:53
    www.tonerdump.nl
    dns
    IEXPLORE.EXE
    62 B
     133 B
     1
    1

    DNS Request

    www.tonerdump.nl

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b18a3e73b7000577b92314af2deb35c

    SHA1

    953eb60585c2df03d6cf70a9e87eb72f412a5693

    SHA256

    2dae0a810a1a0e50ae8ba8d003ba6f19b850fc2d835a88f4dae5c0875caead54

    SHA512

    0f3e2d6dfb236a9b9a21e2569f8b471014aaea708c616a2b8ad786af94c0c5f5a3263ca9f018e8e6f7bab5eb27edd1e1245bc14b94cfb6fff26282c2d5070d10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    32607063bbeb5cdc18d99b81abb37ed0

    SHA1

    2aa93e63496699e98afc67006f7df09a1c3bff9f

    SHA256

    7f875c0b6810b900f1799e24ee5ddb0c0f0478638157d76abb6523213b42cb7b

    SHA512

    abcb3c115728742030f76ddd3cd0db0bf15559a31928d6ffeaa60a4c4e952c0c65be33fe1eddc1c7d9c44ee7cd078be40eff41cd61b6a8f2dcdc77f31cd95aea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9953f49d851d2a1c156ec87b82469370

    SHA1

    b7d1e47ec8459570ba21631a7108248a142eb9e7

    SHA256

    9841b85a49e92784ed6ab785979dab5d5829cdcbfebff39f00d89c4d0ae451b0

    SHA512

    de2931ef7ca87716504de1767ee1d57bd8d1131483775ddb1b56f577347a19450bfae6815cf7d8bfb63f2924e4fabc955b94dad633ea1c4dd19e3f3828cf6443

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    74daae2085dbeac521139871ac0f91b9

    SHA1

    d98b8adee966d7bc4402115bd444e812492f7090

    SHA256

    73a340b4f65a9f7947e3fd06f24bfc6c4cf5d0177a00d5c3920eacd9e4044d1a

    SHA512

    fcfdcfb78edf66a68bc8af9e90e2b695417638d38e3652f0f1d013f1be07a550fa17c832d45028fcc96779083a4a6e1634d56ee640db159d8cf2ecde41165ddc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ab1a4b79e8e5da8c8cfa54cf480229ae

    SHA1

    750e7d9700b2056a664b49dbc8fdbd6e7b8913c2

    SHA256

    de73a47556506b644e3db00b8826e274e418e30f3ae033c6760eb657b0c52ea4

    SHA512

    3c713e7a14d4778aaf8c703faefdc3e7ccdf3791e5eae7baa7baa6e276086de4e6c80a3405802cc73b3f0ec6fab91b7d938e2923394589c04bc2cb02cca156f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    75a024f7fa33966c9d0d4fb4c1b49c9c

    SHA1

    ac8bd59ff412ac7caf6f0a2714ce67c31c2904ab

    SHA256

    5780b8a915160115e0541e0d1c041d5f913801f03f08cfa456ea76db360400e4

    SHA512

    00ae0bd3821c7942298f1f552c1a9f26eded050799136ef334206cc0e5216b5ec8359ca375a6e36465b4e0df796eaf137f8faa8675fadf7aa557628dc82aae99

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fd25495a3346dfc1953de1b28637efc2

    SHA1

    0c7638180e962b386b2fcbcbc1b8fb328a96d78c

    SHA256

    abe4ee9cd3e12fd6de110d5fb6c522dc6649b7f4b2f5514f6d45d72a7eb0c0f7

    SHA512

    51d9ecd2aa4e73c1ebe50ec8b1504635b6cb8cbd45e5138b1eebfcf9f4a7071f476b3debd2895663e0ed65d47723694d1a6b8da24aa6205bf0368001832113dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    69d81588d17941ef2a724753b5d43c0b

    SHA1

    4cfb50e43838a560a5d66b91b3c8a97e1597d702

    SHA256

    2d6e778fab3b3fc25d2b6002748dfddcb7b392b8c43856c980b8d88c8a2e24e3

    SHA512

    2083d5d86a8fbd725366b0c034f10f6483f6d9725499862d7482318513bccb10774d496362c72412a53ad37d38326610b9e12d474a0680dd0d62c14b16ce283f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ec63d6d7c19d0548f886f2c20f66a66c

    SHA1

    972a85b039a1748512b43904b5c78fc22c89897b

    SHA256

    f91a6f90f27dac5790066b9119f3f2554cf0a23975d792a61b19c3fccf019ce0

    SHA512

    b7ebea4c1bcc34f78de7e562038bde525ce9e8c90ffaca74dbc930b7513c1c944908fbbd832dcdd184e97547fdd38a408af0431a22420c763f1e21248efe189b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6b1863eb1abe7f1de606957c3c61df94

    SHA1

    601cd9c3a4e564bf2635f00952b39afc4ac7c510

    SHA256

    ba3a92e4a1ccf462e88111dc4f016c25dbe3a443400b2d64f03233b6911c77f3

    SHA512

    7cb21d97acf9d476ad0c65a98b3e639fe2e864ede5d5537548adde827a1e3a47ca1ba41880d5cf529c80ff568a2113003f4b1ac8cc7fec12ce09f95700e32f82

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3b88623d7df16cee0a44d862c2aefb00

    SHA1

    27974867d050553adf805b0d5149c2f0c0472c87

    SHA256

    47bc0299b491b19be57e7bc8f980e3bde5d5e2403e7750dbde4bb347fb11be6f

    SHA512

    a98b92be2f96543b8547c393ff5326bceb39d173c9f925768016d71efe26c45e2d515cd56c4b0755fd1fb4a9baee5c328ee26605ca5bd7c4297a79fbbdc3bfe6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    01565b36da50d01c1d2f8f0c91105924

    SHA1

    99ba0e14706716655a49ef460e8950dec728468b

    SHA256

    f60f446c2822c5c3d0b4927086dec82990fd90ff6df7b2c42f287ceb9c3b5ece

    SHA512

    20214afcaeb92eacd552a528ca1c807766b83bec487acd9016c7f18cd7c093624baed064e9051a2a155f763fc84d28c7000b9559320cc0089fa546d22849a00e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    21f18fd92c9ceb2e4e34d7ed7ae86927

    SHA1

    3d431caf9bf740ec3117f44b8bbd18bd8bfcb93e

    SHA256

    452de6aee1ba4007e6e3634cb256b189e1e39ec2c33b3b53b52b73d222e22340

    SHA512

    5c323d4168c2ad752f5a5e77231535425a44054c0e47091fc6ab1921cf80208a9244f28e3ef87f1b0b0424b7a7fe01d6575d302ca3f2b1a025c2f53162580da9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    01ecabf01e6e300ca7ac7fe716f75d72

    SHA1

    c205dee069c64df3f4e76f5f92527fa93ac467b3

    SHA256

    b50cec29dff36d3ffcf78462a67d9199bf16d3824c15900450a03123fa53d88f

    SHA512

    fc32644004fb2d5bd9c0efd2199b313255ec38561d0b8a8097803082f37cd2f3f8ca670f00e7e52aac3b07ca5bec0bf3c7b7e23b5913f3300a253216beeab36c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA392.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA56D.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.