Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

60500df149...8.html

windows7-x64

1

60500df149...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    20/05/2024, 17:28 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    60500df1490762f01909944e39a58fbc_JaffaCakes118.html

  • Size

    3KB

  • MD5

    60500df1490762f01909944e39a58fbc

  • SHA1

    b53e5845edcfb1f4816ca7e196e10e76d117628b

  • SHA256

    bb46f5a1e931bcc773f902d2a8444633f3906068de41658c6530dff2008a339c

  • SHA512

    d076f18b692d1db225ad0e5d0e7a2990fe019d89e8a24346d4a155ae9b26d4b1363315623da7d616fe88aa6d43058d5f7343757aa784ae78ff9dd80a38d54111

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\60500df1490762f01909944e39a58fbc_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3056
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3056 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2168

Network

  • flag-us
    DNS
    party-nwvqdtumtz.now.sh
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    party-nwvqdtumtz.now.sh
    IN A
    Response
    party-nwvqdtumtz.now.sh
    IN A
    76.76.21.61
    party-nwvqdtumtz.now.sh
    IN A
    76.76.21.98
  • flag-gb
    GET
    http://www.google-analytics.com/ga.js
    IEXPLORE.EXE
    Remote address:
    216.58.213.14:80
    Request
    GET /ga.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.google-analytics.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
    X-Content-Type-Options: nosniff
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Server: Golfe2
    Content-Length: 17168
    Date: Mon, 20 May 2024 17:23:03 GMT
    Expires: Mon, 20 May 2024 19:23:03 GMT
    Cache-Control: public, max-age=7200
    Age: 333
    Last-Modified: Tue, 12 Dec 2023 18:09:08 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding
  • 76.76.21.61:443
    party-nwvqdtumtz.now.sh
    tls
    IEXPLORE.EXE
    450 B
     259 B
     6
    6
  • 216.58.213.14:80
    http://www.google-analytics.com/ga.js
    http
    IEXPLORE.EXE
    858 B
     18.3kB
     13
    16

    HTTP Request

    GET http://www.google-analytics.com/ga.js

    HTTP Response

    200
  • 216.58.213.14:80
    www.google-analytics.com
    IEXPLORE.EXE
    190 B
     92 B
     4
    2
  • 76.76.21.61:443
    party-nwvqdtumtz.now.sh
    tls
    IEXPLORE.EXE
    450 B
     259 B
     6
    6
  • 76.76.21.61:443
    party-nwvqdtumtz.now.sh
    tls
    IEXPLORE.EXE
    412 B
     259 B
     6
    6
  • 76.76.21.61:443
    party-nwvqdtumtz.now.sh
    tls
    IEXPLORE.EXE
    412 B
     259 B
     6
    6
  • 76.76.21.61:443
    party-nwvqdtumtz.now.sh
    tls
    IEXPLORE.EXE
    334 B
     259 B
     6
    6
  • 76.76.21.61:443
    party-nwvqdtumtz.now.sh
    tls
    IEXPLORE.EXE
    334 B
     259 B
     6
    6
  • 76.76.21.61:443
    party-nwvqdtumtz.now.sh
    IEXPLORE.EXE
    190 B
     132 B
     4
    3
  • 76.76.21.61:443
    party-nwvqdtumtz.now.sh
    IEXPLORE.EXE
    190 B
     132 B
     4
    3
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    753 B
     7.7kB
     9
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.6kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    831 B
     7.7kB
     10
    13
  • 8.8.8.8:53
    party-nwvqdtumtz.now.sh
    dns
    IEXPLORE.EXE
    69 B
     101 B
     1
    1

    DNS Request

    party-nwvqdtumtz.now.sh

    DNS Response

    76.76.21.61
    76.76.21.98

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8b861d6eabbaab713abbba20646315cb

    SHA1

    0b40b0d98eb49de9752fd0381a908cad4897d870

    SHA256

    bc024242c67c9e64a30a33aeeb7ee86545e9c767031a44672159a6c00371c0b6

    SHA512

    18834378af0610171388078bd5c2a1f6f7d306e9d66ca933e8e579f9acb080ca14819aea71898e6cd41d5d94325ba643b1e2225528061e7d00df83e650a43668

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c0fc0986bf6f6924e3df932d4f487cbd

    SHA1

    08a603ed8e5940750a464176d1f8ffad8f84c63e

    SHA256

    de0e3aaff297c1f9dc2af5dd759e0b629b4b280399b6972455dce809d79e2cea

    SHA512

    362926191d38b699204aa6b796cf293c116be78e148f464f3c3fe80a6fbd5240341b68fa10047e354349f0d213a0f16fb605fe2947f61044fda48779a75d7cc7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3ed2cb18bb3efbfd5b69bb6e87bd9752

    SHA1

    24bb8ec535bcfa75620771955344412c52638fe9

    SHA256

    05c227df87f5ffce06541355ce923b20655421075824cd39bfd588325f96c2db

    SHA512

    5bf2f12566636ac14c50898150ea0869b1ea2f4eea0dcd9e2ec39bb31b6739ea1214e52fddb42bb99d65fa7a14ab53f40924e9c86b5a1bdc5889875daf09d9c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1328f201d4a444694544cc81ee480e95

    SHA1

    4fa903b6fa3436bc085c8b771b05c31e3e114422

    SHA256

    277cab2ed3fd672f5fe189c1321693d94817666116a35dbf791205df8e449488

    SHA512

    f51d366987a36e6d75afe8a4b1347161de95e10d6417f76e9839f607f04eedffef7b2909c801a97c54579bf306888747d6831a92d32abe24c2cd928aa2f1aa4c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    077199841b684a55713029da3ad384dc

    SHA1

    2f580516ba11b8ae97eae2b7d16da84e7f400645

    SHA256

    1347685ebe02c65bb53cda010c54a43c733d8850a0ab6b01df25c515a05c22f0

    SHA512

    0c8bd2c7e5452f22f60d1d8989b138ec4367f2bb6303055a004b80fba60fbee23c83e0e48c876a7826645c36ea1fca3a55b90c73fe6aa7dc9595f7185f5f49c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a6d694984c422be254c1c3e1e2cb8e21

    SHA1

    6ad5495dbd966f6b44593055b9fcc5d2eda3b3ed

    SHA256

    becbca676f5b30704b24180103763f4247c557d42b41560c7403303694556e34

    SHA512

    426cfd4e657dd464f99b64957b46aa8e522956d7e80d17a824f888af67debd93bff32ec6322eb3889bffc61289bf9b81436f11daedec066bc18715ebb753fddc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8d6ba5de441a96a159d10a5f8d80c97d

    SHA1

    232e1de667319ccc6f1383b182b083960f55df9d

    SHA256

    a722911a86348efebe9afbc0a8caf5049c98086f0313d19aa4d9db35f6e2b5da

    SHA512

    d3ab1aaf494394613ddd996a1fc14b33152bfa059adbb1cb4cf9afcb4c92d19f4a2e35a5a1061341bd464ad0c0a6d1b2c857ac364287291e1fb2208a6bdfff38

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8df86851c790077f2f27a07da0e95274

    SHA1

    eedd69690bc2985124305d774550399f0840ce47

    SHA256

    978399086fdafb19ea845b2c5aa51fa73871ac7421ebbc6dd77f88339a2a92b2

    SHA512

    8565617ac4b424b576dad59d57347ec9a44cd085d23c75607c680fca4b81183923a7090cb517eeadc4eeaf5bf8b4e30db3a8a8a0da8e1c034adfaa0a1dec8213

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4ecee65c78ac78217045b20993d2eb8f

    SHA1

    7ecf097de85837ad14cf1d8b98e9b9abadbc6a2e

    SHA256

    718c533c032cdd3a8be7077197d303bd9e15b78af1e28b0c7c39c7384abd86f9

    SHA512

    827541f88f4e92fe8b7edf3797e655b23bbded62fd72032c8ee50381a11543ac6c7ea9e4b01338cabea45b17aba99c7dee26dda5f74987d3f41f06e577b905be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f2b7a2cbab38396d713b6eb1266dc78

    SHA1

    b3f23286a183147290c721286c75520dbb6aeb25

    SHA256

    ae71255f51c065be44b8dbe5bd137aa4d5306bed196e6f0a2cdab7f596bb1e11

    SHA512

    3d1cad2ef8d675723f2f989113517496ea3341695ba85e7119280c5db1458f44707a083d87e1d2065f8c050d8b8f8a449488ecea9e8824db4d2f280faac71354

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bf4af5bd571fe22a34e377635feac5f6

    SHA1

    e988ffffa9f67af8aaa8417246069bef19f9122e

    SHA256

    4d185dcb145c8ee0aa61e5769bf5f497265d53c46e814eb4a290117552df855d

    SHA512

    68fd7008c631f9ba1732861a4999ba2309c6651bf4dfff8bad737f6754c31b1d874598d706557eafd77156546db74b6c422ac5ef15e762d92dbfe50333f6e064

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cdef24d516161a951c3009daf8343e4a

    SHA1

    4f3a5e4548c9ac988ec3165d6c20ade6779cbcce

    SHA256

    9a0b5b50f3f1d1b1624c7dfd0e9c64cc4d985b567d6df6e4c824e5466067e500

    SHA512

    7d5f8d50c2e4858d72dfc568e189251a5d9a22ef4d81fe711d7b5ac3df87678169ee8e5a14061c999987c61499956fbde5af1738ade0091393768e602a06e139

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    80f0c39518c255abe7fc44e9f4a7ccc3

    SHA1

    7171578b3ad67e51325544a136bdbf048ac2c878

    SHA256

    cc5a8b43e8242dc2aeda94eedbaec2efd421717b5ab42d95452f3b473a51be1c

    SHA512

    142e70666fb594d91a8176ca922bfb61c15bed173ef67c9bedc9025addeec7bf7dc03683b3526b3f88a3a95dea098ad574cc8572e9c1bf6329a49a61cc7e8601

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    79037000bf4984a2d9ee5632f2c37242

    SHA1

    ce86043e0b2ab08c476185e66c10635cf4dd1740

    SHA256

    b4c7f6f178c210dfaf7c5b2d2e2a87bdd6c4fb1b51ecc82dc83086ec7e4abe0e

    SHA512

    d865ac5ff9617d3c8dae9ea797b954a32f4ab7efb1d2b60c7108897c6e11c048f526a35f22e615a949948172f5c4bde18d3838d6401f6d070430795cb07ba42b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    981af223751a18bc51fbcd0074af8a53

    SHA1

    b6fe25040516084649a60b40445237f79bbe4aee

    SHA256

    1b6b35f922a80947cd55292efdde1c5939894a970bef649e74d89dca1f60a7df

    SHA512

    9e1a941574afa95101ff25c22fa8a02d80a177ac80a8fccce27ab20326263e85b3a7647942a832d8b445fac70464c6a1d02aabeab2222d4a339e644df38ff57e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3B6E.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3BAF.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.