Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

26655de18c...8.html

windows7-x64

1

26655de18c...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    08/05/2024, 19:36 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    26655de18ca9eae7576bdfbcf595ca97_JaffaCakes118.html

  • Size

    168KB

  • MD5

    26655de18ca9eae7576bdfbcf595ca97

  • SHA1

    90cf2a75d4045f006044d4cbeffc8ebd87a210fa

  • SHA256

    f4ace68ff7e25c0b73b8ef6bf00f8e9cb730ea2c02b00d6ceed8988e4e88fd17

  • SHA512

    fefe5bf92feaf90e58aea8e3016acab66adb58721ba4a74d6401474ba18be4d17c90704beb466ea564fa1a2d2d80bfb446f9e9c9127644e24546e50dae59ff31

  • SSDEEP

    1536:hyGEDoG/G0cTy3RKyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oE:dGKT2RKyfkMY+BES09JXAnyrZalI+YW

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Modifies registry class 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\26655de18ca9eae7576bdfbcf595ca97_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2808
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2808 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      PID:2684

Network

  • flag-us
    DNS
    www.277288.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.277288.com
    IN A
    Response
  • flag-us
    DNS
    www.449588.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.449588.com
    IN A
    Response
    www.449588.com
    IN A
    156.237.230.12
  • flag-us
    DNS
    www.90488.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.90488.com
    IN A
    Response
  • flag-us
    DNS
    www.90488.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.90488.com
    IN A
    Response
  • flag-us
    DNS
    s13.cnzz.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    s13.cnzz.com
    IN A
    Response
    s13.cnzz.com
    IN CNAME
    c.cnzz.com
    c.cnzz.com
    IN CNAME
    all.cnzz.com.danuoyi.tbcache.com
    all.cnzz.com.danuoyi.tbcache.com
    IN A
    220.185.168.234
  • flag-hk
    GET
    http://www.449588.com/images/pj11.gif
    IEXPLORE.EXE
    Remote address:
    156.237.230.12:80
    Request
    GET /images/pj11.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.449588.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 May 2024 19:36:18 GMT
    Content-Type: text/html
    Content-Length: 807
    Connection: keep-alive
  • flag-us
    DNS
    www.90488.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.90488.com
    IN A
    Response
  • flag-us
    DNS
    www.90488.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.90488.com
    IN A
    Response
  • 156.237.230.12:80
    http://www.449588.com/images/pj11.gif
    http
    IEXPLORE.EXE
    553 B
     1.1kB
     6
    4

    HTTP Request

    GET http://www.449588.com/images/pj11.gif

    HTTP Response

    200
  • 156.237.230.12:80
    www.449588.com
    IEXPLORE.EXE
    190 B
     132 B
     4
    3
  • 220.185.168.234:80
    s13.cnzz.com
    IEXPLORE.EXE
    152 B
     3
  • 220.185.168.234:80
    s13.cnzz.com
    IEXPLORE.EXE
    152 B
     3
  • 220.185.168.234:80
    s13.cnzz.com
    IEXPLORE.EXE
    152 B
     3
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    753 B
     7.7kB
     9
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.6kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    785 B
     7.7kB
     9
    13
  • 8.8.8.8:53
    www.277288.com
    dns
    IEXPLORE.EXE
    60 B
     126 B
     1
    1

    DNS Request

    www.277288.com

  • 8.8.8.8:53
    www.449588.com
    dns
    IEXPLORE.EXE
    60 B
     76 B
     1
    1

    DNS Request

    www.449588.com

    DNS Response

    156.237.230.12

  • 8.8.8.8:53
    www.90488.com
    dns
    IEXPLORE.EXE
    118 B
     118 B
     2
    2

    DNS Request

    www.90488.com

    DNS Request

    www.90488.com

  • 8.8.8.8:53
    s13.cnzz.com
    dns
    IEXPLORE.EXE
    58 B
     133 B
     1
    1

    DNS Request

    s13.cnzz.com

    DNS Response

    220.185.168.234

  • 8.8.8.8:53
    www.90488.com
    dns
    IEXPLORE.EXE
    118 B
     118 B
     2
    2

    DNS Request

    www.90488.com

    DNS Request

    www.90488.com

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    99b34317bfa30e78409b6a2e321487a5

    SHA1

    5a37021bcb94247f484350f1d25420dd1f77ac66

    SHA256

    d64cc208fec34bf2bd322a1f1d8b6d2010b0b6ed3b97e45006ce517eecf03ba9

    SHA512

    d9c6c7d599aae9a3c7459daf8c6f0acec6876037da70f9c97f540f38fb0bfa044f28ee24044c27292c3fab64604d323774b47c286dd91f06926bf29ec100c45c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7550eaec9ddab5c87c3462c59633128b

    SHA1

    3e3ec76fe8111352a17019e867c6c43cc8199f42

    SHA256

    865184efdd2916a9f290320cd601f9c5306164361977c88f7ac8118b9f744eb1

    SHA512

    6eadb8c046bc6cfe948189f35979a724a0e619e15df6ab2b38c855a8bc57475faa1dd3c4885cbde35f74fd5508f3d37dd680bb436b294b7568b1ce71ed86877e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bf86bae9020bb63661a387a52e43e694

    SHA1

    df14bace3b8988ba75a0f296e39bc72c7739cef4

    SHA256

    464ad3b368f0877f5670f7ee4d61f16e92e8bd28d9808ec83ea70956425dd3c7

    SHA512

    5b215c09f81c9ee8d6b8bf39816bd1c534b32e366663b80f619c2a7aa794b18fd5a5f5d306869528b8964733777f1b9c71e5d1ac50bd736f832b355b4db5c88c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    937a2ee656e1e010c776f00d1b7174f6

    SHA1

    702721c19d62b14c93717609cea9b89f4e567eac

    SHA256

    4251c77eebcae3c9aecb716d60a3723036c39bb8b7c3d1cce217ce68e26a5392

    SHA512

    6ed2cddeead8573ef72e452a07672f5845939a9770be39bdfa0a4fb6de08888c31ba6b1858101308d81bfb21d73af93ca3615ded470ac959cb90d1828b51381e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    90b3ffa6d4d997fedce2a5b796c6f296

    SHA1

    b768b59c964f5b2d7f41d034573c746c6db8f95b

    SHA256

    c2419174c083485489fb7a8b79eba9abf89c7a1ce53c023f8414050847dd815a

    SHA512

    958e57f0ddaca7bed563d95c2835b2dfcbc6e002097f9b8b54b6859053083b3acb6c2631287596ae7125a783af91f1654ae623d8c6d3fc583220af91014281ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6c3d21ede38972470ab730a84df9ab24

    SHA1

    5ff898f67410aefc6370c7a82c6f8552b78dea4c

    SHA256

    0e4db3b81654266050781e93f91b6d9c67c7530a73b30ac85b3777d548eb30c5

    SHA512

    2373dd6856d9cb6d3ecd65487ef0cfbe147c8717d3642cceb2c0619fe3c1a06d983cc98ac2fead720426fcb9e2e85b658d003679578d5b179b0dfab5ef811d41

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    947ad37c4c669f0085ad3b68b1743d4c

    SHA1

    502e32a379429928678d060383714b652473bc72

    SHA256

    f7ac12993032445992c996abfbb7d95b4669e0d0704f47ea9c0b435d61e82f9f

    SHA512

    3f383af477e58d3308a3055749b7bedba67d1767372c23dbda65ba4abb4860c276d195d0ecc0f5126b21d52e0ac82bafb123d0f3c2d21401c4d9766d605c9733

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a41b7ac09fdc7e4647d285c6107fb101

    SHA1

    ed99dcd9477dc91deff7556bf970ad9c9f8696f3

    SHA256

    ca90ca4e17892807f97574cd182858fcf51879c033bbc3de0128af7875bd4943

    SHA512

    b6b82614c4153edf0605f7837727208869a88a6ce0fd3e656daadc942f5670614827b89be7dc8056025b3de991ca210c00d2a6118d29734004c4a3cbeb7dc62b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5c4e3c31ea5a9f58808cad6026ddac4b

    SHA1

    54caf14c88559e6fd3447364341ac0f238efdf22

    SHA256

    615d1398ad8851396d6f982791b4f8cbb1771aa75d4932c16e6b967085d05fa6

    SHA512

    04aae32c1077e2639e29722e9debb905056023e28f89773e37059887a70c31e695c868575846a4b4ef8abc662a08febec2158868138ebc2a405c30ae8260c26b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    050c04573d771f6522a222007b8614e6

    SHA1

    39c4d9855eaf2890534f854bf82918c5df83a708

    SHA256

    c612d21f6d225433b6be551dbd6a9ea5e78609ed9f4398fa4362556454afa669

    SHA512

    17220c8ee6126e7c153814993ba82c5b523bd3a94fc1b79048cfe4e2b7b6118ef6c34405949f8898fe7a071a34f8fdbdfae2521034171d46b90ef9894969b8b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5e8985bbf5ae85dfc353cd3b584c856a

    SHA1

    965606902a41bc46a5e22881d2e6b8cc9cbd5dab

    SHA256

    fd2c9ae014a7e3eb2d4f57b99ea40c81a0be5cd1637a24ef15856926010804c9

    SHA512

    94caf4075149f6e0a9d651f41d9a52b5a78f6d1efda9f87d411d90e361f015342c02a3b651a1b51e469853046994a9befa666df72d69624e1f56a8a706b20e7d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    169bcfdfe81015df0f49697637286ec9

    SHA1

    2687f9c2365846464da9f04cec22873790cf8e60

    SHA256

    e026700fcc3bb68c25a2aded99d1ad2781699f9c4f3f5ee29ceed602526040ab

    SHA512

    461d64e6685ba3d0746f7f5cf90782f163613047c1267aef2a63fe99efa7061dc21fc4e1120cbb9565d970038790e7f3c4faec59abf6b852edc5dd6b335144f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b87441cc89d03151eeb5a054a71eaded

    SHA1

    ce0327b748ca2de5a5efbbc64248d7d65906565f

    SHA256

    97ee1a6f2441cda246b6c77780a5ba3758a7495972ae24d3cce5aaf518d238d7

    SHA512

    3ccc2184017805da7196a351fd569a538a6e7577c3c78ee2fb4acdeff9a143eadfea969d66d88ee3971bc939def0125b448ce8652bd9599a7f44196ed183deac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b14985d6ba7d61af89772ecad0d781de

    SHA1

    332052c4597e26c75292002c4bff9462726475d2

    SHA256

    b3fa476ae7ce7dfa0465d6c408b1b598e3718acce7a4555dd2ce1f2fae3fe1b2

    SHA512

    e11ed6436ce1c89e0c62b6948c2691efa89090cf9864f27267a549718f430b671a1248beffb695101da77a3290a328c037d4b3f349a6a1dd62a253c97b23c1fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    34f2fe71845faee5c32b7eaa47b1e27f

    SHA1

    b369abdd4e1838b3ce45b25d1fad9addbbc8f1b6

    SHA256

    e7bd07a09ac7300d9ccd14390b2eab06ee8b0bbd477ad421ea50c9254a0b11ab

    SHA512

    45dc651be9f7716fa6ea713c900d252c411bf46a1e4aa9086d608ae78938524c6329915e53a68820265c9756544a6d246cffb184108a59348de120c3384e6b46

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    73b447fbf2aff34afd74bef5ef2e641f

    SHA1

    15e6612deae5e6cf1252c07b537ccd471ca2bd7a

    SHA256

    f990d8dbf643610df8e90bb1e82e9eac2c4534118503b4090d2184c43f09fe1f

    SHA512

    18b337855bf66575cc1be1d3247b26a22ede3fe73ec7417294bcc11769cc3b499e86131be4a0256168705b9f7c04c53d462661a9da965a18dcc9bb2af6904270

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5d062b87eee425b85b3c3dd2a195c6e5

    SHA1

    a503ad605e6d2656646295e45eb8777e7a10c8ae

    SHA256

    9b8c08f4e388f4e4c24c18975bc8a853085c66432b0b803c0dda3ce7200c6bef

    SHA512

    aeeb803f5e0efc84ed55f4b15662d2868097eb9699952644ec1da4e46298f1e8394e466a44bcde0f64337de7df0271d05b253e4071ff77741085e6da436ff7a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cf4d84b1567140f645993986a7a5512d

    SHA1

    5add06d382a3f7c453850d3943f999d5c38a9576

    SHA256

    21bf953eedfb38ce8639567543e2e6b18df8998855e5aec82cf79c4468f6251f

    SHA512

    36fc4598d0c3e463bfe9ab5a4e2f1838528607da08c9e331320d26614541444ec4ef0100803912fc4ebcb9349bcceec3e1374a3ecb47df640ce34bfe74565a12

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    82df4bc626cfdca1bc2d548c1fc7d0a0

    SHA1

    78af9c47b4ca9b45680a2592f7dc410a669c9eef

    SHA256

    0beb6c52904d12b3e06e634b38c4cb1b92b852f624babb0eb608d2259610d257

    SHA512

    c4858be4a1ff94c8c76bc309c125f5af7c6387f3324358b094276513bc73a92eef4aae159c7fc42424b659c4f6d386d31496f5151d6fddfe54145ab588510066

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ea333a69b82875fa5d76f236fcd4d1c3

    SHA1

    901e139fb0ff50a7120e7ba9d97098bf9c5f8e10

    SHA256

    849bdc4a2467e63f3a1ad54040562bd3488f16b6f8ffa980c55b2c3c35bfb47e

    SHA512

    3aa1e36f1a625c8153aaf1bc564da38036f4038a63148d157c0018daaeac61ad996312e76387d038bc31dc7a152d13e69d2ddf1fea6c4b010b21ee8bebdac72b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d4f802f8cd51afafd1c1183a1e233047

    SHA1

    d94bdd11b523f14fe364b77f92866b802e8c5070

    SHA256

    a568d1040b32a3796d8720acdc85bf7852efac45d9f09d4ad67db76d1baa45ca

    SHA512

    3122357ec97441c97db1128d8cfa6dba38c7e46d6583d5299a44bd729898d209ee01fc78b2c6858a247d6a8d5880ed73a2b3e595ff25d8c13245021d1a3de846

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5cc2d45bd2b7e4715d9d6f2f26b4a96c

    SHA1

    ae716f5eac1ddf9876d7c84de9b41d0a35f1674a

    SHA256

    51f8cb118ce99df3ac0e8618d1daa9b6469f729a934faea24c5e76374134bca4

    SHA512

    e2fba13b02cc5edfa7b09f8333dc05d0682b719f17bd9cdae58a58392f154465639ac04289fa618d59cf062eb6c825b596d5704626c3e9e22d330358f074ed3d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3709.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar381B.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.