Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

669c878e40...8.html

windows7-x64

1

669c878e40...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    141s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    22/05/2024, 08:18 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    669c878e403cd4a7b3e7f4e06d779cf5_JaffaCakes118.html

  • Size

    15KB

  • MD5

    669c878e403cd4a7b3e7f4e06d779cf5

  • SHA1

    4d111eb0d94579dcdb1bea5d8606971ca3054a1e

  • SHA256

    c49619ee2d9f928b58b0b0c717987a41ca7f6db5b7457a2d8345c14a5f054c1b

  • SHA512

    57944befd87af583ad2caf13831b4f47a16e22c4d180e66600ab74a3fb857de4d3608c6af1b22712e13a64e92292df318b0b481a334e04c83f8d621ae84861c0

  • SSDEEP

    384:z93TRVSH6u7mkHUKsfb3zu+MvqHE9EltG2og:ZDoDUKsTjtE9xg

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\669c878e403cd4a7b3e7f4e06d779cf5_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3056
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3056 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2168

Network

  • flag-us
    DNS
    lineacount.info
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    lineacount.info
    IN A
    Response
    lineacount.info
    IN A
    103.224.212.213
  • flag-us
    DNS
    IEXPLORE.EXE
    Remote address:
    103.224.212.213:80
    Response
    HTTP/1.1 408 Request Time-out
    content-length: 110
    cache-control: no-cache
    content-type: text/html
    connection: close
  • flag-us
    GET
    http://lineacount.info/cgi-bin/counter?id=92426&ref=
    IEXPLORE.EXE
    Remote address:
    103.224.212.213:80
    Request
    GET /cgi-bin/counter?id=92426&ref= HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lineacount.info
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    date: Wed, 22 May 2024 08:18:19 GMT
    server: Apache
    set-cookie: __tad=1716365899.4374757; expires=Sat, 20-May-2034 08:18:19 GMT; Max-Age=315360000
    location: http://ww25.lineacount.info/cgi-bin/counter?id=92426&ref=&subid1=20240522-1818-194d-b461-729206733ec1
    content-length: 2
    content-type: text/html; charset=UTF-8
    connection: close
  • flag-us
    DNS
    ww25.lineacount.info
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ww25.lineacount.info
    IN A
    Response
    ww25.lineacount.info
    IN CNAME
    77026.bodis.com
    77026.bodis.com
    IN A
    199.59.243.225
  • flag-us
    DNS
    IEXPLORE.EXE
    Remote address:
    199.59.243.225:80
    Response
    HTTP/1.1 408 Request Time-out
    Content-length: 110
    Cache-Control: no-cache
    Connection: close
    Content-Type: text/html
  • flag-us
    GET
    http://ww25.lineacount.info/cgi-bin/counter?id=92426&ref=&subid1=20240522-1818-194d-b461-729206733ec1
    IEXPLORE.EXE
    Remote address:
    199.59.243.225:80
    Request
    GET /cgi-bin/counter?id=92426&ref=&subid1=20240522-1818-194d-b461-729206733ec1 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: ww25.lineacount.info
    Connection: Keep-Alive
    Cookie: __tad=1716365899.4374757
    Response
    HTTP/1.1 200 OK
    date: Wed, 22 May 2024 08:18:19 GMT
    content-type: text/html; charset=utf-8
    content-length: 1266
    x-request-id: ffd4712d-77bf-48b9-9623-2e0d186ffd3b
    cache-control: no-store, max-age=0
    accept-ch: sec-ch-prefers-color-scheme
    critical-ch: sec-ch-prefers-color-scheme
    vary: sec-ch-prefers-color-scheme
    x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_RoExhD69JY6BwaukLwdhiWDbCDpeH0K6qIcUocws8zE3ob5rPe6UQ0aGxxwRXiwRL+GVFZ61bf/c0ZNqUYxoDA==
    set-cookie: parking_session=ffd4712d-77bf-48b9-9623-2e0d186ffd3b; expires=Wed, 22 May 2024 08:33:20 GMT; path=/
  • 103.224.212.213:80
    lineacount.info
    http
    IEXPLORE.EXE
    236 B
     365 B
     5
    3

    HTTP Response

    408
  • 103.224.212.213:80
    http://lineacount.info/cgi-bin/counter?id=92426&ref=
    http
    IEXPLORE.EXE
    505 B
     536 B
     5
    4

    HTTP Request

    GET http://lineacount.info/cgi-bin/counter?id=92426&ref=

    HTTP Response

    302
  • 199.59.243.225:80
    ww25.lineacount.info
    http
    IEXPLORE.EXE
    282 B
     445 B
     6
    5

    HTTP Response

    408
  • 199.59.243.225:80
    http://ww25.lineacount.info/cgi-bin/counter?id=92426&ref=&subid1=20240522-1818-194d-b461-729206733ec1
    http
    IEXPLORE.EXE
    962 B
     2.8kB
     13
    6

    HTTP Request

    GET http://ww25.lineacount.info/cgi-bin/counter?id=92426&ref=&subid1=20240522-1818-194d-b461-729206733ec1

    HTTP Response

    200
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.6kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.6kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    779 B
     7.6kB
     9
    12
  • 8.8.8.8:53
    lineacount.info
    dns
    IEXPLORE.EXE
    61 B
     77 B
     1
    1

    DNS Request

    lineacount.info

    DNS Response

    103.224.212.213

  • 8.8.8.8:53
    ww25.lineacount.info
    dns
    IEXPLORE.EXE
    66 B
     111 B
     1
    1

    DNS Request

    ww25.lineacount.info

    DNS Response

    199.59.243.225

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ae78113a952e85bfc8edc03404738171

    SHA1

    35c08f598547e99d0dceef3e83e04b0f32d0c4f5

    SHA256

    e1f82cbd5fe5751cea4b81c85b3f689b34a0fefbe13098f28a574425617c0d7c

    SHA512

    467a3c44e337059b4b9ac2c4ed5953aa5cf9cec7e250c5f551e331c6b4fbef4cfb24de24db76d528f6a892bce329f3d296f0e7fc3b42e9cc8ed0e8dafad66582

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9fdc48ea557a660ba4af308d5889752b

    SHA1

    edc32c225444f9cda448d5b1390e15fa6411bdae

    SHA256

    6bbd11f4a03a54ef769e31f17762084d331ae75ae761b2deafe1190128f0a5c6

    SHA512

    7a55f5112186df530c4c322ad12584630429884251545483803161cb4d14fd4e5867d87bae6cc4519bcc2ea1fddb0ed70800075f86d90f0b0f123873cf3a02e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0bf83d3e3687f9b390dfefe4dffa8749

    SHA1

    99e6779e160adf3840cd0f7e6e2b39b2d451990f

    SHA256

    4df21b1c5488556a758f6786077555a8d31de9418d1322be05eca9b0d5023f69

    SHA512

    4cef310a0d6cd3d086283db28aad175a1c6196416c9ee370a615affa06b708b468ef295ac26e31c0417155803af9ec243cda33c600344c4b7470dc3bb6aaed04

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    21c0a5ee4ab1c319c634af81572ee453

    SHA1

    c9e7ab6ba25303a8134564acf777ff4028a5d88c

    SHA256

    ba8389892f60de3ee20137a67316268ae979c9600a2f2797c0606abbdc6d986b

    SHA512

    7a581ea5d85417e563f1d64303aae6173360851d95a364ae8df722015acfd172f5b50931ec1ca3961271e86e30694a6b4760c7b3909e774746cd4bcc945c632e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b2203c67cf8f99b58fee0ca76c6b2e61

    SHA1

    111dd1cc5730bacf82c3981f54db197408e9f7bf

    SHA256

    3c4a12d273fd88d059d3151c5bd4f7b57e66151974be600da1cfd4a0c5a32943

    SHA512

    a3e2deb095ee00d132c1e5db9fe292a5e2c05ab3bac12c664c6ad7feacff31985340f2326aee416fa474e9e5ee9c54402f523f187a491169ad003afc8fdb3c07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c5c85ff46d1322561a4461934f55e4b7

    SHA1

    ea9deee52f9102b0f3f64372214147bf5879be94

    SHA256

    9851d5932faeb36acf6781eb13049606bbc3fe8e4efc7c2405436e3161f8b46b

    SHA512

    e3dc5e763d84e95069d602f2e2769107ad97ad60892087684c33b20fbed5784ee3b0914aa00763d35c9f17d5108f39205fe5421ea613be444ef6d7927552cad8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2ae4fe93de261be250555a2509578627

    SHA1

    fbe217a3fd7149d790f7fa09a8e728b9fa9ef740

    SHA256

    3fda56708b8a3e5c7ae890d2a41d788b08b465b1d12c6bd6b407553d0f9ff7b7

    SHA512

    84610b9a36cd92f77e92b5e292f864b7c2dfa0f7c69ec8f06967077ea01b2ac17b9f989b0e9d68e324c1441cd94c76b16462d051aa0afe8d739607cb688a4308

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    210d0ba73ecc4be1087cb002959a53dc

    SHA1

    578b8d0de9752fad38cb960442db2713e6cf3410

    SHA256

    1afb5b4484b06b00b97f1faf59b2b185f6c7af52f700809887964dcd9fe5c029

    SHA512

    642029b78cafee7311652bdbac97f9213dfb639a7d77a821fc1be25f3f5243f102f142187379bb7d4d5d9cc80005c0f22722834cd8b2fefdd805d675d5da8930

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    098b603b2ade7b8e5bfa5c3921768234

    SHA1

    0cb7c4507906fb7d0e77dca2ae159ffcbf15a323

    SHA256

    c57f2db6d3521922718b93e1910202f798184a355b072919c48b486971d4ebeb

    SHA512

    30e3487bda3580fbd3630040c3456030f1d9468722376ab127e84b3ced02fb0658b1726d81daa9bac0d010f3d361b8b763db00d43dcb641adcab902719aeff73

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bee943a1dc82cca0b0912a5100627bd1

    SHA1

    8be22c2a0a4d729795b513df0e727a0ed601a584

    SHA256

    1cab63fd1113eae38cc41a8a1fe14a5b6b1c17fecd374a8eea331e6d43f4655b

    SHA512

    8c5d1d5a92b0660b2bacc3e31696c099d229633cd435de31e9526cf07ad69dcd33009b5b738776b6c2df9c3b5ce05a39fb1ce116544c11cbfdda82d40df4ff74

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    15933263cd917b675782a8b594429c21

    SHA1

    33b30b1a89cbc1a9d18ac6167a31e2ca89e011ef

    SHA256

    af1b78de312b75991f86b506564c822add8daf6807048f2f8e66b3cdab4047f0

    SHA512

    e4150510869f61dc987254e3143f47ddae6af27623a43eeb4d8b2b263e31cbd343bddbfc3c9cde116e9022e042c91f56a400c7eae81e46ce9ce66e1446795b03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1d43d610096227c49bcf80c91250295c

    SHA1

    2679717852c8ef8e255ca83cc304d9a0c691525f

    SHA256

    65475d073af86c68cc68fa823cb68a78380522239c4391943f4c2d879b872e7f

    SHA512

    2a1d5d3a4ce8d62ac142a9248f817491aa89a9ab0d0288137eaaa85a8bcef2c636f8f5d761934cc2aae5244b9fd2058b3f98fbb48dde018172ced8555b2a0d32

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    56c767dc809ade8ebadc3a2d7c8e9216

    SHA1

    46c8c12943a3017186a0e53b9e3f05272ed37df6

    SHA256

    aceaa2df7f6548e8bdd7d27ce7a5842742dd9b89701c4029ee130ae1472f2a75

    SHA512

    1119d54744caff2d265f4a06e36146639a16eb2e9a98dbaadce4bf9ab04b00a0faece3caa0f1979bca13fc666592e5ae980cfe3de75c231966c57f768e36cae6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    00a68e2943a104fe063cc243d4982097

    SHA1

    c32e68bf78dc695af60659a2b146e07a9e6f2c4b

    SHA256

    687ac140d8f93d75b359b35c98d4c2f5d1169b66442a629683564db51dd10379

    SHA512

    196efc7e8745b6a781854cba833b99f8561aa357d59e609d6cbf32567bb2fdb4d494fbcad9a6c5ce4ef80e5d279df282c3a10b78b8803f73b7da74a585ae38f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    17e4a55c4dc0f6eeb2a5f4f069d2ffa8

    SHA1

    9d47b9e249c2318d427adc360e7314a3d8374906

    SHA256

    76fc490382a7b45fc100947edba1c41ea78833cba781acc9996f4afe667e003a

    SHA512

    57972c3016429da194ed9ea740715ee7605d94394d7eeab56b88fa0653ffa3900f082c1e0e814764611a9c93726db2fe0dd2bb13f13da877fbb540b46f83481d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3c0deb0d5b954a71b46ea1c6d7196c9d

    SHA1

    43b31d60ae9739ad6b23aa88cf405600a8614dc6

    SHA256

    30a8e2f0c812e998a126374e967fe837838212e5f32b14b9b37fd304e7aad8a9

    SHA512

    90f2ce0b129ff66edb6d5da9cf525d80b31fef7b1ea02cab9cfaffd1e36383a43e6c993d1b56c45144f60b04bd3a0e7303e6e88ef295ce8905a6792f1de99816

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c8b556461ab0e17227bb0a834b876038

    SHA1

    313fdccae1940ea86e320410b0e7c43439bc396d

    SHA256

    aea0158a10a7f03fd62fee30e3c3b2d83e01b094e7d879006a5ed8b6e251767a

    SHA512

    27f9241bf15f4e6eb8ffe85d1fccf68b21235df18051935e06799eeb8c4321cd810870eba9e58cc63ae75a5b85b508fafd25b81d244d97f37c19f4d39cbce7c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b98f097adae7088590ed33f732cddf13

    SHA1

    da141c7e2e2f1b20a9526f7bed14e9680dd2e792

    SHA256

    22172fc3abc883e4e7c679b54398a936f46754e64b3afe391e3151865e858e17

    SHA512

    8db09eced5e13159306bba1266f43731fb18cfc46aa21ec5338abc24539a98b324c2cc70646df121df8b357a9aff4444c6edd850af89a96356eca184127ec0d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c3f38c3e04c0b09340b7d42915c771e4

    SHA1

    a1318b18b19e497862270c2fd8b16ceb54051f60

    SHA256

    fb58d1b33e32f7b6f6ff7c90223cd153d0ff5764c7dbce4addee92fe005b13c3

    SHA512

    e98da3bb1b54f6da6d988c7ff56f278fe7b9eb2fdb5a0221bc185a126bae2058c7aa07d3acb91764402b0f1053d66bd785455b99e677a7e8fff5e079f726f77d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3E7A.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3EBB.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.